2 matches found
CVE-2020-21992
Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...
CVE-2020-21992
Inim Electronics SmartLiving SmartLAN/G/SI <= 6.x (ARM, 32-bit) contains an authenticated remote command injection vulnerability. The issue arises because the par POST parameter is not sanitized when the testemail module is invoked via web.cgi; the vulnerable binary uses system() to run sh to ...