Name of the Vulnerable Software and Affected Versions:

The product name cannot be determined.

Description:

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command when loading a config file from a USB drive.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.