Summary
AirOS is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the application. This issue occurs because the application fails to adequately sanitize user- supplied input.
Successful attacks can compromise the affected application and possibly the underlying device.
Solution
Updates are available. Please see the references for more details.
References
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- AdPeeps 'index.php' Multiple Vulnerabilities.
- AproxEngine Multiple Remote Input Validation Vulnerabilities
- AjaXplorer zoho plugin Directory Traversal Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- AlstraSoft AskMe Pro 'forum_answer.php' and 'profile.php' Multiple SQL Injection Vulnerabilities