CVE-2023-36670 Information

Description

A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.

Reference

https://kratosdefense.com https://www.kratosdefense.com/vulnerability-advisories/cve-2023-36670