Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2022-27224

Informational

Description

An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address).

Scores & Signals

CVSS 3.1 7.2 — HIGH
EPSS score 0.1194 (93.8th percentile)
CISA KEV No
Affected Galsys Nts-6002-Gps Firmware
Published 2022-05-09

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.