Pecanproject · Pecan · CVE-2024-57348
Name of the Vulnerable Software and Affected Versions:
PecanProject pecan versions 1.7.2 through 1.8.0
Description:
The issue allows a remote attacker to execute arbitrary code via a crafted payload to the `hostname`, `sitegroupid`, `lat`, `lon`, and `sitename` parameters. This enables the attacker to perform unauthorized actions on the affected system.
Recommendations:
For PecanProject pecan versions 1.7.2 through 1.8.0, consider restricting access to the vulnerable parameters `hostname`, `sitegroupid`, `lat`, `lon`, and `sitename` until a patch is available, to minimize the risk of exploitation. Do not let crafted payloads reach these parameters, to prevent arbitrary code execution.
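One way to apply this restriction in a request filter placed in front of the application, as an added example that is not PEcAn's own code. The advisory names the parameters but not their formats, so the allowlists below (numeric `lat`/`lon`, integer `sitegroupid`, DNS-style `hostname`, plain-text `sitename`) and the function name `rejected_params` are assumptions.

```python
import re
from urllib.parse import parse_qs

# Assumed value formats; the advisory lists only the parameter names.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOST = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")
_INT = re.compile(r"[0-9]{1,18}")
_NUM = re.compile(r"-?[0-9]{1,3}(?:\.[0-9]{1,10})?")
_NAME = re.compile(r"[\w .,()/\-]{1,128}")


def _coordinate(limit):
    """Build a check for a decimal coordinate with |value| <= limit."""
    return lambda v: bool(_NUM.fullmatch(v)) and abs(float(v)) <= limit


CHECKS = {
    "hostname": lambda v: len(v) <= 253 and bool(_HOST.fullmatch(v)),
    "sitegroupid": lambda v: bool(_INT.fullmatch(v)),
    "lat": _coordinate(90.0),
    "lon": _coordinate(180.0),
    "sitename": lambda v: bool(_NAME.fullmatch(v)),
}


def rejected_params(query_string):
    """Return the sorted names of listed parameters whose values fail the allowlist."""
    params = parse_qs(query_string, keep_blank_values=True)
    bad = set()
    for name, check in CHECKS.items():
        # A parameter may be repeated; every occurrence must pass.
        for value in params.get(name, []):
            if not check(value):
                bad.add(name)
    return sorted(bad)


# Constructed sample query strings (not taken from real traffic).
SAMPLES = [
    "hostname=pecan.example.org&sitegroupid=1&lat=40.06&lon=-88.2&sitename=Test+Site+(A)",
    "hostname=pecan.example.org&sitegroupid=1%3Bx&lat=40.06abc&lon=-288.2&sitename=A%7CB",
]

if __name__ == "__main__":
    for qs in SAMPLES:
        print(rejected_params(qs) or "ok", "<-", qs)
```

A filter would reject or log any request for which `rejected_params` returns a non-empty list; parameters not named in the advisory pass through unchecked.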