By including shell meta characters within the second parameter to the 'urt_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name