2 matches found
CVE-2021-44080
A Command Injection vulnerability in httpd web server setup.cgi in SerComm h500s, FW: lowi-h500s-v3.4.22 allows logged in administrators to arbitrary OS commands as root in the device via the connectiontype parameter of the statussupportdiagnostictracing.json endpoint...
CVE-2021-44080
The CVE-2021-44080 entry affects SerComm h500s routers (FW lowi-h500s-v3.4.22). The vulnerability is a command-injection in the httpd web server’s setup.cgi, exploitable by a logged-in administrator via the connection_type parameter of the statussupport_diagnostic_tracing.json endpoint, enabling ...