Pokersec

Name of the Vulnerable Software and Affected Versions: AnyShare (affected versions not specified) Description: AnyShare contains a critical unauthenticated remote code execution issue in the ServiceAgent API exposed on port 10250. The `/api/ServiceAgent/start service` endpoint accepts user-supplied input via POST requests and does not properly sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.