2 matches found
CVE-2022-36264
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename a...
CVE-2022-36264
Airspan AirSpot 5410 (versions up to 0.3.4.1-4 and earlier) is affected by an unauthenticated remote Arbitrary File Upload vulnerability. The root cause is filename manipulation with a relative path during the upload process, allowing an attacker to overwrite any file or upload a new file. Affect...