Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware: Remote command execution and device settings alteration

Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware: Remote command execution and device settings alteration

CVE-2022-43464 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Learn more about our Web Application Penetration Testing UK.