Exploit ID: 47064 Vulnerability: Remote Command Injection Target: FaceSentry Access Control System 6.4.8 Vendor: iWT Ltd. Product URL: http://www.iwt.com.hk Vulnerable Firmware: - 6.4.8 build 264 (Algorithm A16) - 5.7.2 build 568 (Algorithm A14) - 5.7.0 build 539 (Algorithm A14) Technical Details: The vulnerability was discovered by LiquidWorm and reported on May 28, 2019. Affected systems can be exploited through web apps by injecting commands via specific endpoints like and . Command execution can be achieved with root privileges by sending malicious HTTP POST requests. Example: The exploit was tested on various Linux distributions, indicating potential wide compatibility.