CVE-2024-38288

A command-injection issue in the Certificate Signing Request (CSR) functionality in R-HUB TurboMeeting through 8.x allows authenticated attackers with administrator privileges to execute arbitrary commands on the underlying server as root. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt