CVE-2022-39818

2023-12-2500:00:00

mitre

www.cve.org

nokia nfm-t

os command injection

vm manager webui

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.2%

JSON

In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system.

References

www.gruppotim.it/it/footer/red-team.html