sfpagent Command Injection vulnerability
lib/sfpagent/bsig.rb in the sfpagent gem before 0.4.15 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the module name in a JSON request.
Advisories for Gem/Sfpagent package
2017