VEXID-600210
Published 2022-07-17 23:15:00
Last Modified 2022-07-25 03:09:00
AKA CVE-2022-31208
Summary An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.
CVSS Score 9
CVSS
Access Vector Local Adjacent Network
Access Complexity Low Medium High
Authentication None Single Multiple
Confidentiality None Partial Complete
Integrity None Partial Complete
Availability None Partial Complete