Command injection

2021-03-2522:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.5%

JSON

Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.

CPENameOperatorVersion
xpon_rtl9601d_software_development_kiteq1.9

CPE	Name	Operator	Version
	xpon_rtl9601d_software_development_kit	eq	1.9

References

www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdf