Command Injection Vulnerability in Hitron CODA-5310: Remote Code Execution and Service Disruption

Command Injection Vulnerability in Hitron CODA-5310: Remote Code Execution and Service Disruption

CVE-2022-47616 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.

Learn more about our Web Application Penetration Testing UK.