OpenNetAdmin (ONA) is a popular open-source IP Address Management (IPAM) solution used to track and manage IP addresses, subnets, and DNS records. However, version contains a critical vulnerability that allows for Remote Code Execution (RCE) .
Version 18.1.1, released in early 2019, was the last stable release in the 18.x branch. It included several quality-of-life improvements but inadvertently introduced—or failed to patch—a critical command injection vulnerability. opennetadmin 18.1.1 exploit