Zoraxy has an authenticated command injection in the Web SSH feature
A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host.
Advisories for Golang/Github.com/Tobychui/Zoraxy package
2024