CVE-2022-39819 Information

Description

In NOKIA 1350 OMS R14.2 multiple OS Command Injection vulnerabilities occur in /cgi-bin/R14.2/log.pl via the cmd HTTP GET parameter and /cgi-bin/R14.2/checkping.pl via the addr HTTP GET parameter. This allows authenticated users to execute commands on the operating system.

Reference

https://www.gruppotim.it/it/footer/red-team.html