CVE-2019-15020

Name of the Vulnerable Software and Affected Versions Zingbox Inspector versions 1.293 and earlier

Description A security issue exists due to the failure to neutralize special elements in the network traffic handler. This could allow a remote attacker to intercept and modify software update packets. The vulnerability may enable an attacker to supply an invalid software update image, potentially resulting in command injection.

Recommendations For Zingbox Inspector versions 1.293 and earlier, update to a version later than 1.293 to resolve the issue. As a temporary workaround, consider restricting access to the software update mechanism to minimize the risk of exploitation. Avoid using potentially vulnerable update images until the issue is resolved.