Vulnerabilities > CVE-2022-47531 - Unspecified vulnerability in Ericsson Evolved Packet Gateway 2.0/3.0

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ericsson

NVD

Published: 2023-12-05

Updated: 2023-12-11

Summary

An issue was discovered in Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell.

Vulnerable Configurations

Part	Description	Count
Application	Ericsson Ericsson Evolved Packet Gateway 2.0 Ericsson Evolved Packet Gateway 3.0	2

References

https://www.gruppotim.it/it/footer/red-team.html