Vulnerabilities > Telosalliance > Omnia MPX Node Firmware > 1.3.35

DATE CVE VULNERABILITY TITLE RISK
2022-12-02 CVE-2022-43325 OS Command Injection vulnerability in Telosalliance Omnia MPX Node Firmware 1.3.35/1.3.37
An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.
network
low complexity
telosalliance CWE-78
critical
 9.8
9.8