NEW R2100 Series 5G Ruggedized Router — Built for the Roof of Vehicles and IoT Learn More

Discover Cradlepoint near you

We have dedicated teams in regions the world over. We’re here to answer your questions and connect you with the perfect Wireless WAN solution for your unique business needs.

Asia-Pacific
North America
Latin America
Africa
Europe

For a full list of where our solutions are available, please visit our Availability Page.


CVE-2022-3086: Cradlepoint NCOS Command Injection

2022-11-18 17:07:34

SUMMARY:

An authenticated local user on NetCloud OS (NCOS) versions before 7.22.70 can run a restricted shell escape sequence utilizing an OpenVPN Tunnel Feature that could allow local authenticated user the ability to execute code.

 


 

Public Disclosure: https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-02

 

Vulnerability Status:

  • NetCloud Manager: Not Affected
  • NetCloud OS: Affected, Patched July 2022 with release 7.22.70