CVE-2019-11364

Critical 7.2

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

Published August 30, 2019.