CVE-2020-37123

Name of the Vulnerable Software and Affected Versions Pinger version 1.0

Description Remote code execution is possible due to unsanitized input in the 'ping.php' endpoint. Attackers can inject shell commands by appending shell metacharacters to the ping and socket parameters, allowing them to write arbitrary PHP files and execute system commands.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.