CVE-2021-33962
China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface component /api/ZRUsb/pop_usb_device. The issue originates from a lack of proper command filtering and escaping in the web interface, enabling an attacker to inject OS commands. The...