CVE-2026-2550 EFM iptime A6004MX timepro.cgi commit_vpncli_file_upload unrestricted upload

A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is the function commitvpnclifileupload of the file /cgi/timepro.cgi. The manipulation results in unrestricted upload. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was...

EFM ipTIME A3004T 命令注入漏洞

The EFM ipTIME A3004T is a wireless router from EFM Korea. A command injection vulnerability exists in EFM ipTIME A3004T version 14.19.0, which stems from improper handling of the parameter aaksjdkfj in the file /sess-bin/timepro.cgi, which could lead to command injection...