5 matches found
CVE-2026-32833
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-32833
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-32833
CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...
CVE-2026-32833 Cudy LT300 3.0 OS Command Injection via NTP Configuration
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
PT-2026-52898
Name of the Vulnerable Software and Affected Versions Cudy LT300 3.0 versions prior to 2.5.12 Description Authenticated attackers can execute arbitrary commands on the underlying system by injecting shell metacharacters into the cbid.system.ntp.current POST parameter within the system time...