13 matches found
VulnCheck KEV: CVE-2025-1448
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...
CVE-2025-71284
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...
CVE-2025-71284 Synway SMG Gateway Management Software OS Command Injection via radius_address
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...
CVE-2025-71284
Synway SMG Gateway Management Software is affected by an OS command injection in the RADIUS configuration endpoint /en/9-2radius.php. The radius_address POST parameter (and related fields) is split and interpolated directly into a sed command without sanitization, enabling an unauthenticated remo...
Synway SMG Gateway Management Software 操作系统命令注入漏洞
Synway SMG Gateway Management Software is a gateway management software developed by Synway Corporation. This software has a vulnerability related to operating system command injection. The vulnerability stems from the RADIUS configuration endpoint/en/9-2radius.php, where the radiusaddress POST...
CVE-2025-1448
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...
EUVD-2025-4756
Malicious code in bioql PyPI...
CVE-2025-1448
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...
CVE-2025-1448 Synway SMG Gateway Management Software 9-12ping.php command injection
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...
CVE-2025-1448 Synway SMG Gateway Management Software 9-12ping.php command injection
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...
CVE-2025-1448
CVE-2025-1448 affects Synway SMG Gateway Management Software up to 20250204. The issue is in the handling of the file 9-12ping.php, where the retry parameter can be manipulated to trigger a command-injection vulnerability. Exploitation can be remote; public PoCs exist. Remediation details are lim...
PT-2025-6919 · Synway · Synway Smg Gateway Management
Name of the Vulnerable Software and Affected Versions: Synway SMG Gateway Management Software up to 20250204 Description: A critical issue affects the processing of the file 9-12ping.php in Synway SMG Gateway Management Software. The manipulation of the retry argument leads to command injection...
Synway SMG Gateway Management Software 注入漏洞
Synway SMG Gateway Management Software is a gateway management software from Synway. An injection vulnerability exists in Synway SMG Gateway Management Software 20250204 and prior versions, which stems from the parameter retry in file 9-12ping.php that can lead to command injection...