4 matches found
CVE-2023-28381
creationtimestamp| type| source ---|---|--- 2023-10-11 20:17:37+00:00| seen| https://t.me/cibsecurity/72110...
CVE-2023-28381
An OS command injection vulnerability exists in the admin.cgi MVPNtrialinit functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2023-28381
The CVE-2023-28381 entry maps to a concrete OS command-injection in Peplink Surf SOHO HW1 v6.3.5 (QEMU). TALOS details an OS command-injection in the admin.cgi MVPN_trial_init path, reachable only after authentication with write privileges. The vulnerable code constructs a shell command using an ...
peplink Surf SOHO HW1 admin.cgi MVPN_trial_init OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1779 peplink Surf SOHO HW1 admin.cgi MVPNtrialinit OS command injection vulnerability October 11, 2023 CVE Number CVE-2023-28381 SUMMARY An OS command injection vulnerability exists in the admin.cgi MVPNtrialinit functionality of peplink Surf SOHO HW1 v6.3.5 ...