4 matches found
GenieACS => 1.2.8 - OS Command Injection
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check. id: CVE-2021-46704 info:...
Exploit for OS Command Injection in Genieacs
OS Command Injection in GenieACS CVE-2021-46704 CVE-2021-46704...
Exploit for OS Command Injection in Genieacs
CVE-2021-46704-POC CVE-2021-46704 GenieACS Command Injection P...
CVE-2021-46704
CVE-2021-46704 – GenieACS : In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument in lib/ui/api.ts and lib/ping.ts. The root cause is insufficient input validation combined with a missing authorization check. This can...