CVE-2020-15836

Name of the Vulnerable Software and Affected Versions Mofi Network MOFI4500-4GXeLTE version 4.1.5-std

Description An issue was discovered where the authentication function passes untrusted data to the operating system without proper sanitization. A crafted request can be sent to execute arbitrary commands as root.

Recommendations For Mofi Network MOFI4500-4GXeLTE version 4.1.5-std, as a temporary workaround, consider restricting access to the authentication function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.