Read Time:22 Second
Posted by Balgogan via Fulldisclosure on Dec 19
**Introduction**
MajorDoMo, a beacon in Russian home automation and particularly favored by Raspberry Pi aficionados, has been a trusted
name for over a decade. With over 380 stars on its official GitHub repository at the time of writing
(https://github.com/sergejey/majordomo), its popularity is evident. However, lurking within its `thumb.php` module is a
severe unauthenticated Remote Code Execution (RCE) vulnerability before 0662e5e.
NOTE:…