PT-2023-30066 · Zioncom (Hong Kong) Technology Limited · A7000R

Name of the Vulnerable Software and Affected Versions: ZIONCOM Hong Kong Technology Limited A7000R version 4.1cu.4154 Description: An issue allows an attacker to execute arbitrary code via the "cig-bin/cstecgi.cgi" endpoint to the setPasswordCfg function. Recommendations: For version 4.1cu.4154,...

PT-2023-22497 · S Cms · S-Cms

Name of the Vulnerable Software and Affected Versions: S-CMS version 5.0 Description: The issue is related to an authenticated remote code execution RCE vulnerability. It can be exploited via the /admin/ajax.php API endpoint. Recommendations: For S-CMS version 5.0, consider disabling access to th...