An issue exists in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nokia access management system 9.7.05 |