PT-2024-2269 · Unitronics · Unilogic

Published: 2024-03-18 · Updated: 2024-03-18 · CVE-2024-27772

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Unitronics Unistream Unilogic versions prior to 1.35.227

Description

The issue is an OS command injection that may allow remote code execution (RCE). It is caused by a lack of measures to neutralize special elements used in an operating system command. A remote attacker can exploit this issue to execute arbitrary code.

Recommendations

For versions prior to 1.35.227, update to version 1.35.227 or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation. Avoid using the functionality affected by the OS command injection until the issue is resolved. At the moment, there is no additional information about other mitigation measures.

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2024-02202
CVE-2024-27772

Affected Products

Unilogic