A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root.
https://www.tenable.com/security/research/tra-2023-1
Source: MITRE
Published: 2023-02-11
Updated: 2023-02-21
Type: CWE-77