6 matches found
EUVD-2020-17558
Malware in sbrugna...
CVE-2020-24849
A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...
Remote code execution
A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the pageconfigadv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-173...
Design/Logic Flaw
Shell Metacharacter Injection in www/modules/save.php in FruityWifi aka PatatasFritas/PatataWifi through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted modname parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid...
CVE-2018-17317
FruityWifi aka PatatasFritas/PatataWifi 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iomode, apmode, ioaction, ioiniface, ioinset, ioinip, ioinmask, ioingw, iooutiface, iooutset, iooutmask, iooutgw, iface, or domain parameter to...
CVE-2018-17317
FruityWifi aka PatatasFritas/PatataWifi 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iomode, apmode, ioaction, ioiniface, ioinset, ioinip, ioinmask, ioingw, iooutiface, iooutset, iooutmask, iooutgw, iface, or domain parameter to...