Looking Glass Remote Command Execution Vulnerability

info
discussion
exploit
solution
references

Looking Glass Remote Command Execution Vulnerability

Looking Glass may be exploited to execute arbitrary commands.

An attacker can prefix arbitrary commands with the '|' character, supply them through a URI parameter and have them executed in the context of the server.

This can facilitate unauthorized remote access.