PT-2020-8532 · Green Packet · Green Packet Wimax Dv-360

Published: 2020-12-31 · Updated: 2021-01-06 · CVE-2018-14067

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Green Packet WiMax DV-360 version 2.10.14-g1.0.6.1
Description: The issue allows for Command Injection, enabling unauthenticated remote command execution. This can be achieved by sending a crafted payload to the HTTPS port. The problem arises because lighttpd listens on all network interfaces, including the external Internet, by default.
Recommendations: For Green Packet WiMax DV-360 version 2.10.14-g1.0.6.1, consider restricting access to the HTTPS port or configuring lighttpd to only listen on internal network interfaces to minimize the risk of exploitation.
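
One way to check a lighttpd configuration for the exposure described above. This is an added example, not vendor code or part of the original advisory; the function names, the sample configs and the LAN address 192.168.1.1 are assumptions constructed for illustration.

```python
import re

# Host parts that mean "every interface" in a lighttpd bind or socket spec.
WILDCARDS = {"", "*", "0.0.0.0", "::", "[::]"}

BIND_RE = re.compile(r'^\s*server\.bind\s*=\s*"([^"]*)"')
SOCKET_RE = re.compile(r'^\s*\$SERVER\["socket"\]\s*==\s*"([^"]*)"')


def audit_lighttpd(conf_text):
    """Return (line_number, message) findings for listeners on all interfaces."""
    findings = []
    bind_seen = False
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0]  # naive comment strip: assumes no '#' in values
        m = BIND_RE.match(line)
        if m:
            bind_seen = True
            if m.group(1) in WILDCARDS:
                findings.append((lineno, "server.bind is a wildcard address"))
            continue
        m = SOCKET_RE.match(line)
        if m:
            # "host:port", ":port" or "[v6]:port" -> host is left of the last ':'
            host, _, port = m.group(1).rpartition(":")
            if host in WILDCARDS:
                findings.append((lineno, f"socket on port {port} binds all interfaces"))
    if not bind_seen:
        # Without server.bind, lighttpd's main listener accepts on every interface.
        findings.append((0, "server.bind not set: main listener binds all interfaces"))
    return findings


# Constructed sample: HTTPS socket with no host part, no server.bind.
EXPOSED = """\
server.port = 80
$SERVER["socket"] == ":443" {
    ssl.engine = "enable"
}
"""

# Constructed sample: both listeners pinned to an assumed LAN address.
RESTRICTED = """\
server.bind = "192.168.1.1"
server.port = 80
$SERVER["socket"] == "192.168.1.1:443" {
    ssl.engine = "enable"
}
"""
```

A finding with line number 0 refers to a missing directive rather than a specific line.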

Exploit

Fix

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2018-14067

Affected Products

Green Packet Wimax Dv-360