Invicti identified a Out of Band Command Injection by capturing a DNS A request, which occurs when input data is interpreted as an operating system command.
This is a highly critical issue and should be addressed as soon as possible.
- See the remedy for solution.
- If possible, do not invoke system commands from the application.
- Find all instances of similar code and make the code changes outlined in the remedy section.