CVE-2021-3855

Name of the Vulnerable Software and Affected Versions Liman Central Management System versions 1.7.0 through 1.8.3-462

Description The issue is related to an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. This vulnerability affects the Liman Central Management System, specifically the HTTP/Controllers, CronMail, and Jobs modules, allowing Command Injection.

Recommendations For versions 1.7.0 through 1.8.3-462, update to a version after 1.8.3-462 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable modules, such as HTTP/Controllers, CronMail, and Jobs, to minimize the risk of exploitation.