2 matches found
CVE-2021-33965
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33965
CVE-2021-33965 affects China Mobile An Lianbao WF-1 V1.0.1 router. The web interface at /api/ZRMesh/set_ZRMesh processes POST parameters mesh_enable and mesh_device and can be abused to perform command injection, enabling remote command execution. This is described across multiple feeds (NVD/Red ...