Full title: Openmediavault Remote Code Execution / Local Privilege Escalation Exploit 
Category: web applications
Platform: php
Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse shell connections.

# 0day.today @ http://0day.today/