CVE-2022-47616

Summary

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.

Affected Software

VendorProductVersion RangeStatus
Hitron Technologies Inc.Hitron CODA-5310all versionaffected

Weaknesses

  • CWE-78: CWE-78: Improper Neutralization of Special Elements used in an OS Command

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References