Upgrade Uniguest Tripleplay to version 24.2.1 or later immediately.
By injecting specific payloads into this header, an attacker can trick the server into executing arbitrary system commands with the privileges of the web service. Mitigation To address this vulnerability, administrators should: 53387.rar
Unauthenticated Remote Code Execution (RCE). Upgrade Uniguest Tripleplay to version 24
HTTP GET request with a malicious X-Forwarded-For header. Technical Analysis 53387.rar