A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cov/triggerUnitCover. The manipulation of the argument uuid leads to os command injection.
This vulnerability is known as CVE-2024-10919. The attack can be launched remotely. Furthermore, there is an exploit available.