CVE-2022-27224
HIGHGalleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4 - Authenticated OS Command Injection via Network Tools Input Fields
Title source: llmDescription
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). NOTE: this is disputed by the Supplier because the affected components were never shipped in a production release (they were only present in development releases), and because no privilege boundary is crossed (an applicable "authenticated attacker" always also has the supported ability to make an SSH connection as root).
References (4)
Core 4
Core References
Product, Vendor Advisory
https://www.galsys.co.uk/support/software-download.html
Third Party Advisory
https://gist.github.com/somerandomdudeonetheinternet/2caeb201e249160fa82204ef640c8cdf
Exploit, Third Party Advisory
https://www.pentestpartners.com/security-blog/galleon-nts-6002-gps-command-injection-vulnerability-cve-2022-27224/
Scores
CVSS v3
7.2
EPSS
0.0442
EPSS Percentile
90.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
galsys/nts-6002-gps_firmware
4.14.103-galleon-nts-6002.v12_4
Published
May 09, 2022
Tracked Since
Feb 18, 2026