Vulnerabilities > CVE-2022-31208 - Unspecified vulnerability in Infiray Iray-A8Z3 Firmware 1.0.957

047910
CVSS 9.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
infiray
critical

Summary

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.

Vulnerable Configurations

Part Description Count
OS
Infiray
1
Hardware
Infiray
1