Command Injection Vulnerability in ZTE MF286R: Arbitrary Command Execution

Command Injection Vulnerability in ZTE MF286R: Arbitrary Command Execution

CVE-2022-39073 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands.

Learn more about our Web Application Penetration Testing UK.