CVE-2019-9118
CVE-2019-9118 affects Motorola C1 and M2 devices with firmware 1.01 and 1.07. The issue is a command injection in the HNAP API: when a function triggers a system() call with untrusted input from the request body (SetNTPServerSettings), crafted input (shell metacharacters in system_time_timezone) ...