Arbitrary Code Execution in Web Interface of F-Secure Internet Gatekeeper
A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server.
This issue and a proof-of-concept exploit was reported privately to F-Secure as part of our Vulnerability Reward Program. No known attacks have been reported or observed in the wild.
F-Secure Corporation would like to thank following person for bringing this issue to our attention.