It has been discovered that the bcfg2 server, a configuration management server for bcfg2 clients, is not properly sanitizing input from bcfg2 clients before passing it to various shell commands. This enables an attacker in control of a bcfg2 client to execute arbitrary commands on the server with root privileges.