Command injection

2023-01-0321:15:00

PRIOn knowledge base

www.prio-n.com

boa

command injection

input validation

remote privilege escalation

patch

issue id

nvd

9.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.8%

JSON

In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20220026; Issue ID: OSBNB00144124.

CPENameOperatorVersion
linkit_software_development_kiteq< tlb7.3.258.100p11555
linkit_software_development_kiteq< tlb7.3.258.100p11555

CPE	Name	Operator	Version
	linkit_software_development_kit	eq	< tlb7.3.258.100p11555
	linkit_software_development_kit	eq	< tlb7.3.258.100p11555

References

corp.mediatek.com/product-security-bulletin/January-2023