CVE-2022-32585

Summary

A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
RobustelR15103.3.0affected

Weaknesses

  • CWE-489: CWE-489: Leftover Debug Code

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References