Ericsson Network Location MPS GMPC21 Remote Code Execution

Discussion in 'News Aggregator' started by Packet Storm, 3 Nov 2021.

  1. Packet Storm

    Packet Storm Guest

    This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the application is vulnerable. It is a feature made for the information in the tables to be exported to the server and imported later when required. Export operations contain the file_name parameter. This parameter is assigned as a variable between the server commands on the backend side. It allows command injection.

    Continue reading...
     

Share This Page

Loading...