CVE-2022-3027

Name of the Vulnerable Software and Affected Versions CMS8000 (affected versions not specified)

Description The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.