Spryker Commerce OS with spryker/http module versions prior to 1.7.0 suffer from a remote command execution vulnerability due to a predictable value in use. Continue reading...