Zpyqtt

**Name of the Vulnerable Software and Affected Versions** MaxKB versions prior to 1.10.9-lts MaxKB versions prior to 2.0.0 **Description** A Remote Command Execution issue exists in the MCP call. **Recommendations** Update to version 1.10.9-lts or later. Update to version 2.0.0 or later.

**Name of the Vulnerable Software and Affected Versions** MaxKB versions prior to 1.10.8-lts **Description** The issue allows attackers to exploit certain files with execution permissions in non-blacklisted directories to carry out attacks, as the Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin`, `/usr/bin`, etc. **Recommendations** For versions prior to 1.10.8-lts, update to version 1.10.8-lts to resolve the issue. As a temporary workaround, consider restricting execution permissions for binary files in non-blacklisted directories to minimize the risk of exploitation.