CVE-2023-36670

A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt