A vulnerability classified as very critical has been found in Linear eMerge e3-Series up to 1.00-07. Affected is the function
forgot_password
. The manipulation of the argument login_id leads to os command injection.
This vulnerability is traded as CVE-2024-9441. It is possible to launch the attack remotely. There is no exploit available.