CVE-2022-46408 Information

Description

Ericsson Network Manager (ENM) versions prior to 22.1 contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability.

Reference

https://www.gruppotim.it/it/footer/red-team.html