## https://sploitus.com/exploit?id=SAINT:40E0B01A123422F1CB853238F9958BB0
Added: 05/24/2021
### Background
Zeroshell is a Linux distribution designed for router and firewall appliances which can be administered from a web interface. Zeroshell is no longer supported.
### Problem
A command injection vulnerability allows unauthenticated attackers to execute arbitrary commands by sending a specially crafted request for the `**kerbynet**` CGI.
### Resolution
Upgrade to ZeroShell 3.9.3 or higher.
### References
<https://www.tarlogic.com/advisories/zeroshell-rce-root.txt>
### Platforms
Linux