CVE-2019-13025

Name of the Vulnerable Software and Affected Versions Compal CH7465LG version CH7465LG-NCIP-6.12.18.24-5p8-NOSH

Description The issue is related to Incorrect Access Control due to Improper Input Validation. An attacker can send a maliciously modified POST request containing shell commands to a backend API endpoint, which will be executed on the device.

Recommendations For Compal CH7465LG version CH7465LG-NCIP-6.12.18.24-5p8-NOSH, consider restricting access to the backend API endpoint to minimize the risk of exploitation. Avoid using the API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.