CVE-2022-37718

Name of the Vulnerable Software and Affected Versions JetNexus/EdgeNexus ADC version 4.2.8

Description The management portal component of the software contains a command injection issue, allowing authenticated attackers to execute arbitrary commands through a specially crafted payload. This issue can also be exploited from an unauthenticated context via unspecified vectors.

Recommendations For JetNexus/EdgeNexus ADC version 4.2.8, consider restricting access to the management portal component until a patch is available. As a temporary workaround, avoid using the management portal with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.