CVE-2022-1362

CWE-78 : IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION')
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.

Risk Information

  • CVE ID
  • CVE-2022-1362
  • Vendor
  • Cambium Networks
  • Product
  • cnMaestro
  • CVSS v3
  • 5.0