SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. This simplifies the installation and management of all network services associated with industrial networks. Siemens SINEC INS suffers from an operating system command injection vulnerability due to the radius configuration mechanism of the affected product not properly checking uploaded certificates. An attacker could exploit this vulnerability to cause a denial of service condition or possibly execute commands on the system.