4 matches found
CVE-2022-36267
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...
Command injection
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...
Airspan AirSpot 5410 安全漏洞
The Airspan AirSpot 5410 is an advanced LTE, CAT12, outdoor, multi-service product from Airspan USA. A security vulnerability exists in the Airspan AirSpot 5410 version 0.3.4.1-4 and prior versions, which stems from the binary component /home/www/cgi-bin/diagnostics.cgi that can receive...
PT-2022-23285
Name of the Vulnerable Software and Affected Versions Airspan AirSpot 5410 versions 0.3.4.1-4 and under Description The issue concerns an unauthenticated remote command injection vulnerability. It allows the ping functionality to be called without user authentication by crafting a malicious HTTP...