AirOS 6.x - Arbitrary File Upload
EDB-Note Source: https://hackerone.com/reports/73480 Vulnerability It's possible to overwrite any file and create new ones on AirMax systems, because the "php2" maybe because of a patch don't verify the "filename" value of a POST request. It's possible to a unauthenticated user to exploit this...