22.5.9.163

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19117	OS Command Injection vulnerability in Phicomm K2(Psg1218) Firmware 22.5.9.163 /usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter. network low complexity phicomm CWE-78 critical	9.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.