ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the set_TR069 function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the TR069_local_port parameter value directly to the system.