Name of the Vulnerable Software and Affected Versions soletta-dev-app versions (affected versions not specified)

Description The issue concerns a lack of validation for user input on the "/api/service/status" API endpoint. Specifically, the contents of the service query parameter are passed to an exec call, potentially allowing attackers to execute arbitrary commands in the system.

Recommendations Consider using an alternative module until a fix is made available. As a temporary workaround, consider restricting access to the "/api/service/status" API endpoint to minimize the risk of exploitation. Avoid using the service query parameter in the affected API endpoint until the issue is resolved.