A command injection vulnerability in Raynet rvia 12.6.4392.49-amd64.deb allows local adversaries to execute arbitrary commands. The flaw stems from an improperly constructed find command used by the application to locate a Java runtime. The application's internal search logic uses search criteria that is not properly terminated or sanitized, enabling an attacker to craft a directory path that satisfies th [truncated]
A command injection vulnerability in Raynet rvia version 12.6 Update 8 and earlier allows local attackers to execute arbitrary code. The flaw stems from improper input sanitization in rvia's Java search functionality, which uses the find command with improperly terminated search criteria. An attacker can exploit this by crafting a malicious path that injects commands into the find operation. The vulnerabi [truncated]
