CVE-2024-41153

Command injection vulnerability in the Edge Computing UI for theTRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to theweb UI can execute commands on the device with root privileges,far more extensive than what the write pr...

CVE-2024-41156

Profile files from TRO600 series radios are extracted in plain-textand encrypted file formats. Profile files provide potential attackersvaluable configuration information about the Tropos network. Profilescan only be exported by authenticated users with higher privilege of write access.