A Command Injection Vulnerability in an LTE Bridge

This video demonstrates a command injection vulnerability in the telnet interface of the Microhard BulletLTE-NA2 v1.2.0-r1130 and below. The Microhard BulletLTE-NA2 is a bridge device designed to add cellular connectivity to Ethernet or serial devices to facilitate remote management and communication. It is used in SCADA/ICS environments, cellular infrastructure, power utilities, and more. It’s critical to always treat user input as potentially malicious and never send unverified input to calls. Read the blog for more details: https://www.keysight.com/blogs/en/tech/nwvs/2024/07/01/cmd-inj-vuln-in-lte-bridge