Security Advisory

CVE-2022-50795

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-30 22:41:39

Last updated 2026-01-16 19:00:12

Assigner VulnCheck

State PUBLISHED

Description

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which triggers the malicious file and then deletes it after execution.

← Browse all CVEs View on cve.org ↗