Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.