MidnightBSD

Advisories for edgenexus

CVE-2022-37718

The management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands through a specially crafted payload. This vulnerability can also be exploited from an unauthenticated context via unspecified vectors

Products Affected

Vendor Product Version
edgenexus application_delivery_controller 4.2.8
CVE-2022-37719

A Cross-Site Request Forgery (CSRF) in the management portal of JetNexus/EdgeNexus ADC 4.2.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors.

Products Affected

Vendor Product Version
edgenexus application_delivery_controller 4.2.8