NetModule.NRSW.gnssAutoAlign.php.Command.Injection
Description
This indicates an attack attempt to exploit an OS Command Injection Vulnerability in NetModule NRSW web admin interface.
This vulnerability is due to lack of input validation in the application. A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to the endpoint. Successfully exploiting this vulnerability could result in the execution of arbitrary OS commands with escalated privileges.
Affected Products
NetModule Router Software (NRSW) 4.3.0.0 to 4.3.0.118
NetModule Router Software (NRSW) 4.4.0.0 to 4.4.0.117
NetModule Router Software (NRSW) 4.6.0.0 to 4.6.0.104
NetModule Router Software (NRSW) 4.7.0.0 to 4.7.0.102
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.netmodule.com/en/products/software-overview/router-software
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |