CVE-2022-38625
Affected product: Patlite NH-FB (versions 1.46 and earlier). Issue: Insufficient firmware validation during the upgrade firmware file upload process, enabling authenticated attackers to upload their own custom firmware and inject malicious code. Root cause / details: Documented as a design choice...