CVE-2017-12576
CVE-2017-12576 affects PLANEX CS-QR20 (firmware 1.30) via a hidden, undocumented management page (/admin/system_command.asp) that allows an authenticated user to execute arbitrary commands, enabling remote code execution on the device. The issue arises from an admin/debug interface that should no...