Vulnerability Details CVE-2022-39818
In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.7%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2022-39818
-
cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9