CVE-2022-41763 Information

Description

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user authenticated to the AMS server could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.

Reference

https://www.gruppotim.it/it/footer/red-team.html