PT-2023-3107 · Hitron · Hitron Coda-5310

Zet · Published 2023-05-02 · Updated 2023-06-10 · CVE-2022-47616

CVSS v2.0: 8.3 (High)
Vector: AV:N/AC:L/Au:M/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Hitron CODA-5310 (affected versions not specified)

Description: The issue exists because special elements used in an operating system command are not sufficiently neutralized. A remote attacker, authenticated as an administrator, can exploit this to execute arbitrary system commands, manipulate the system, or disrupt the service. The attack is carried out through the management page: the connection test function does not sufficiently filter specific parameters, which allows command injection.

Recommendations: For Hitron CODA-5310, restrict access to the management page and the connection test function to minimize the risk of exploitation. As a temporary workaround, consider disabling the connection test function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: OS Command Injection

Related Identifiers

BDU:2023-03199
CVE-2022-47616

Affected Products

Hitron Coda-5310