In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-acknowledgements | Vendor Advisory |
Information
Published : 2023-02-06 14:15
Updated : 2023-02-15 07:12
NVD link : CVE-2021-31574
Mitre link : CVE-2021-31574
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
mediatek
- en7528
- en7580_firmware
- en7580
- en7528_firmware