Critical severity9.8NVD Advisory· Published May 12, 2022· Updated Jun 17, 2026
CVE-2022-29539
CVE-2022-29539
Description
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g., concatenate `&|;\r\ commands) and inject arbitrary system commands with the privileges of the application user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- RESI/Gemini-Netdescription
- Range: 4.2
Patches
Vulnerability mechanics
References
2- www.gruppotim.it/it/footer/red-team.htmlnvdThird Party Advisory
- www.resi.it/prodotti-soluzioni-commerciali/gemini-network-service-monitoringnvdProductVendor Advisory
News mentions
0No linked articles in our index yet.