CVE-2022-1362
CWE-78 : IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION')
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.
Risk Information
- CVE ID
- CVE-2022-1362
- Vendor
- Cambium Networks
- Product
- cnMaestro
- CVSS v3
- 5.0