Xia0Chensec

**Name of the Vulnerable Software and Affected Versions** MRCMS version 3.1.2 **Description** The issue allows attackers to run arbitrary system commands via the `status` parameter, potentially leading to unauthorized access and control. **Recommendations** For MRCMS version 3.1.2, avoid using the `status` parameter in affected API endpoints until the issue is resolved. Consider restricting access to sensitive system commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.