CVE-2023-3722 Information

Description

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.

Reference

https://download.avaya.com/css/public/documents/101076366