CVE-2022-39811

Name of the Vulnerable Software and Affected Versions Italtel NetMatch-S CI version 5.2.0-20211008

Description The issue concerns incorrect Access Control. Specifically, it affects the "NMSCI-WebGui/advancedsettings.jsp" and "NMSCI-WebGui/SaveFileUploader" endpoints. This allows an attacker to view unauthorized pages and modify system configuration by bypassing controls without verifying user identity.

Recommendations For Italtel NetMatch-S CI version 5.2.0-20211008, consider restricting access to the "NMSCI-WebGui/advancedsettings.jsp" and "NMSCI-WebGui/SaveFileUploader" endpoints until a proper fix is available. Additionally, ensure that all system configurations are monitored closely for unauthorized changes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.