CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2022-40005 – Intelbras WiFiber 120AC inMesh 1.1-220216 Command Injection
https://notcve.org/view.php?id=CVE-2022-40005
Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by authenticated users, as demonstrated by the /boaform/formPing6 and /boaform/formTracert URIs for ping and traceroute. Intelbras WiFiber 120AC inMesh anterior a 1-1-220826 permite la inyección de comandos por parte de usuarios autenticados, como lo demuestran los URI /boaform/formPing6 y /boaform/formTracert para ping y traceroute. Intelbras WiFiber 120AC inMesh version 1.1-220216 suffers from an authenticated command injection vulnerability. • https://cyberdanube.com/en/authenticated-command-injection-in-intelbras-wifiber-120ac-inmesh https://seclists.org/fulldisclosure/2022/Dec/13 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •