A remote code execution vulnerability exists in PlaySMS due to insufficient input of user supplied input. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands as the user who owns the PlaySMS process.
Binary data playsms_cve-2020-8644.nbin