2 matches found
CVE-2019-10656
Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply updatendswebrootfromtmp API call...
CVE-2019-10656
Summary: CVE-2019-10656 affects Grandstream GWN7000 prior to 1.0.6.32. Affected component is the /ubus/uci.apply update_nds_webroot_from_tmp API call, where remote authenticated users can inject shell metacharacters in a filename to execute arbitrary code on the device. Public references across d...