CVE-2020-24638

Name of the Vulnerable Software and Affected Versions: Airwave Glass versions prior to 1.3.3

Description: Multiple authenticated remote command executions are possible via the glassadmin cli, allowing a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system.

Recommendations: For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the glassadmin cli to minimize the risk of exploitation.