Command Injection Vulnerability in Ohcount 3.0.0
CVE-2017-16926 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
Learn more about our User Device Pen Test.