18 matches found
CVE-2019-17499
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the TargetIP parameter...
Compal Broadband CH7465LG modem path traversal vulnerability
The Compal Broadband CH7465LG modem is a modem from Compal Computer Industries Compal of Taiwan, China. A path traversal vulnerability exists in the web interface of the Compal Broadband CH7465LG modem CH7465LG-NCIP-6.12.18.25-2p6-NOSH version, which arises from a failure of a networked system or...
CVE-2019-17224
The web interface of the Compal Broadband CH7465LG modem version CH7465LG-NCIP-6.12.18.25-2p6-NOSH is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of th...
Unspecified Vulnerability in Compal CH7465LG
The Compal CH7465LG is a wireless router from Compal Computer Industries Compal of Taiwan, China. A security vulnerability exists in the setter.xml component of the Common Gateway Interface in the Compal CH7465LG version 6.12.18.25-2p4, which is caused by the program not properly validating the...
CVE-2019-17499
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the TargetIP parameter...
CVE-2019-17499
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the TargetIP parameter...
Design/Logic Flaw
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the TargetIP parameter...
CVE-2019-17499
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the TargetIP parameter...
CVE-2019-17499
The CVE-2019-17499 issue affects the Compal CH7465LG series (example version 6.12.18.25-2p4). The setter.xml component of the Common Gateway Interface does not properly validate ping command arguments, allowing remote authenticated users to run OS commands as root via shell metacharacters in the ...
CVE-2019-13025
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST HTTP request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable mod...
CVE-2019-13025
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST HTTP request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable mod...
Input validation
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST HTTP request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable mod...
CVE-2019-13025
CVE-2019-13025 affects Compal CH7465LG/CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices. The issue is improper input validation leading to insufficient access control, allowing an attacker to send a malicious POST (HTTP) request containing shell commands to a backend API endpoint, resulting in remote co...
CVE-2019-13025
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST HTTP request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable mod...
Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
Compal CH7465LG-LC modem/router multiple vulnerabilities -------------------------------------------------------- The following vulnerabilities are the result of a quick check 3 hours of the Mercury modem. We performed a systematic and deeper evaluation of this device also, which result will be...
Compal CH7465LG-LC Modem / Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Compal CH7465LG-LC modem/router multiple vulnerabilities -------------------------------------------------------- The following vulnerabilities are the result of a quick check 3 hours of the Mercury modem. We performed a systematic and...
Compal CH7465LG-LC ModemRouter CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
Compal CH7465LG-LC ModemRouter CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities Compal CH7465LG-LC modem/router multiple vulnerabilities -------------------------------------------------------- The following vulnerabilities are the result of a quick check 3 hours of the Mercury modem. We...
Compal CH7465LG-LC Modem / Router Session Management / Command Injection
Compal CH7465LG-LC modem/router multiple vulnerabilities -------------------------------------------------------- The following vulnerabilities are the result of a quick check 3 hours of the Mercury modem. We performed a systematic and deeper evaluation of this device also, which result will be...