The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.
Credits
rgod, working with Trend Micro’s Zero Day Initiative, reported these vulnerabilities to CISA
