[ivlad]

I looked at fail2ban exploits and they are either LPE due to file permissions or command injection in other tools like mailutils.

Citation needed for the claim “has been attacked” if you refer to real attacks in the wild.

[wglb]

One noted upthread https://news.ycombinator.com/item?id=37796588

[ivlad]

Yeah, that’s command injection in mailutils I mentioned, not in fail2ban itself. Did you see how it’s supposed to be exploited? Did you see a real-life exploitation?

While it’s a nice trick, it’s simply not relevant. And the vulnerability before that seems to be 10 years old. I’d say it’s a decent track record.