VYPR
Unrated severityNVD Advisory· Published Jun 12, 2023· Updated Jan 3, 2025

CVE-2022-38156

CVE-2022-38156

Description

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband (NB) before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user.

Affected products

2
  • Kratos/SpectralNet Narrowbanddescription
  • Go Kratos/Kratosllm-fuzzy
    Range: <1.7.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.