An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
CVSS Score
9.8
EPSS Score
0.045
Published
2019-04-18
Page 2