CLI Bypass Vulnerability in Ericsson Evolved Packet Gateway
CVE-2022-47531

Currently unrated

Key Information:

Vendor: Ericsson
Status: Evolved Packet Gateway
Vendor: CVE Published:; 5 December 2023

What is CVE-2022-47531?

A vulnerability in Ericsson's Evolved Packet Gateway (EPG) allows authenticated users to bypass the system's command-line interface (CLI). This flaw enables users to execute commands directly in the UNIX shell, potentially leading to unauthorized access and manipulation of system settings. Affected versions include EPG 3.x prior to 3.25 and EPG 2.x prior to 2.16. Implementing protective measures and updating to the latest versions can mitigate this issue.

References

https://www.gruppotim.it/it/footer/red-team.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 5, 2023
Vulnerability Reserved
Dec 19, 2022