2 matches found
CVE-2021-33964
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33964
CVE-2021-33964 affects the China Mobile An Lianbao WF-1 router (V1.0.1). The issue is a command injection in the web interface endpoint /api/ZRRuleFilter/set_firewall_level, where POSTing the firewall_level parameter can lead to remote command execution. Documented details identify the vulnerable...