|
|
|
|
|
|
by cynic_
4634 days ago
|
|
|
Even without privilege escalation a feel like this is a big security risk.
I can't imagine having dozens of servers bound to a web service, with a user interface accessible from anywhere with a simple login and password. and from that interface you can add any number of arbitrary command. I've created the account, copy the command, pasted in a terminal but I just couldn't hit enter... and that is in my home computer. I downloaded the link and the target manually, just checkout the content. |
|
|