An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.
References
Link | Resource |
---|---|
https://www.gruppotim.it/it/footer/red-team.html | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-05T00:00:00
Updated: 2023-09-05T12:36:15.620298
Reserved: 2022-09-29T00:00:00
Link: CVE-2022-41763
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-05T13:15:07.717
Modified: 2023-09-08T13:14:00.017
Link: CVE-2022-41763
JSON object: View
Redhat Information
No data.
CWE