CVE-2017-12573
PLANEX CS-W50HD devices with firmware prior to 030720 expose a command-injection vulnerability in the web management UI on the NAS settings page at /cgi-bin/nasset.cgi. An attacker can send a crafted HTTP POST request to execute arbitrary code, with authentication required before the attack. This...