Name of the Vulnerable Software and Affected Versions CE805M (affected versions not specified)

Description The issue is related to the incorrect management of code generation in the CMD W REG command handler of the CE A protocol implementation in the CE805M data collection and transmission device. This could allow a remote attacker to modify a parameter in such a way that it inserts operating system commands, which would be executed when the application software auto-update is run.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.