CVE-2019-5323

Summary

There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If conditions are met, an attacker can obtain command execution on the host.

Affected Software

VendorProductVersion RangeStatus
n/aAirWave Management Platform8.x prior to 8.2.10.1affected

Weaknesses

  • Remote Code Execution via Command Injection

ADP Enrichment

CVE Program Container

Additional References

References