Unrated severityNVD Advisory· Published Nov 17, 2022· Updated Apr 25, 2025

Elsight – Elsight Halo Remote Code Execution (RCE)

CVE-2022-36784

Description

Elsight – Elsight Halo Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution.

Affected products

Halo Dev/Halollm-fuzzy
Elsight/Elsight Halov5
Range: All versions

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gov.il/en/Departments/faq/cve_advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000