CVE-2011-5010

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

CVE-2011-5010

CVE-2011-5010 affects Ctek SkyRouter 4200 and 4300 series routers. Affected component: apps/a3/cfg_ethping.cgi under action “u”, where remote attackers can inject shell metacharacters in the PINGADDRESS parameter to execute arbitrary commands. Public references note remote command execution with ...

CVE-2011-5010

creationtimestamp| type| source ---|---|--- 2011-11-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18172 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/ctekskyrouter.rb 2025-02-06 03:13:40+00:00| seen|...

CTEK SkyRouter 4200 and 4300 Command Execution

This module exploits an unauthenticated remote root exploit within ctek SkyRouter 4200 and 4300. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CTEK SkyRouter 4200 and 4300 Command Execution',...