Active Debug Code

CVE-2022-32585

High

9.8/10

Summary

A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-489 - Active Debug Code

The application is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

References

Advisory Timeline

Published Jun 30, 2022

Active Debug Code

CVE-2022-32585

Summary

CWE-489 - Active Debug Code

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS