CVE-2020-7244

Name of the Vulnerable Software and Affected Versions Comtech Stampede FX-1010 version 7.4.3

Description The issue allows remote authenticated administrators to achieve remote code execution by navigating to the "Poll Routes" page and entering shell metacharacters in the Router IP Address field. In some cases, authentication can be achieved with the comtech password for the comtech account.

Recommendations For Comtech Stampede FX-1010 version 7.4.3, consider restricting access to the Poll Routes page and limiting the use of shell metacharacters in the Router IP Address field until a patch is available. As a temporary workaround, avoid using the Router IP Address field with shell metacharacters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.