In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nokia network functions manager for transport 19.9 |