CVE-2020-8946

2020-02-1217:29:52

mitre

www.cve.org

9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter.

References

sku11army.blogspot.com/2020/02/netis-authenticated-rce-on-wf2471.html