Inspired by this blogpost I decided to take a quick look at i2p myself (details on the vulnerability were not given at this point in time).
After messing a bit with the routerconsole I figured that the "refresh" parameter of the page "summaryframe.jsp" ends up in the configuration of i2p. So let's just track down this behaviormore here........http://www.phenoelit.org/blog/archives/2014/10/11/tldr_just_another_way_to_get_rce_in_i2p_version_0_9_13/index.html