Restrict access to management interfaces to trusted networks only.
By injecting specific payloads into this header, an attacker can trick the server into executing arbitrary system commands with the privileges of the web service. Mitigation To address this vulnerability, administrators should: 53387.rar
The flaw stems from via improper handling of the X-Forwarded-For header in HTTP GET requests. Restrict access to management interfaces to trusted networks
Unauthenticated Remote Code Execution (RCE). 53387.rar