A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server.
[
{
"cpes": [
"cpe:2.3:a:meta:tac_plus:*:*:*:*:*:*:*:*"
],
"vendor": "meta",
"product": "tac_plus",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "4fdf178",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]