CVE-2022-36784

Name of the Vulnerable Software and Affected Versions Elsight Halo (affected versions not specified)

Description The Elsight Halo web panel allows connection validation through a POST request to /api/v1/nics/wifi/wlan0/ping, which can be exploited by abusing the DESTINATION parameter to achieve remote code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.