Vulnerability in Airspan Airvelocity

CVE-2022-36310

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other Ai…

EPSS: 0.010 (76.8th percentile) — read the EPSS interpretation.

Affected products

Airspan Airvelocity — versions unspecified

Weakness classification (CWE)

CWE-242

References

helpdesk.airspan.com/browse/TRN3-1689 (x_refsource_CONFIRM)
github.com/metaredteam/external-disclosures/security/advisories/GHSA-whc6-2989-… (x_refsource_MISC)