CVE-2022-39817 Information

Description

In NOKIA 1350 OMS R14.2 multiple SQL Injection vulnerabilities occur in /cgi-bin/R14.2/easy1350.pl via the id or host HTTP GET parameter or /cgi-bin/R14.2/cgi-bin/R14.2/host.pl via the host HTTP GET parameter. Exploitation requires an authenticated attacker.

Reference

https://www.gruppotim.it/it/footer/red-team.html