The vulnerability of the bs_SetDNSInfo() function in the libshare-0.0.26.so library of the LB-LINK router software allows a attacker to execute arbitrary commands.

The vulnerability of the bsSetDNSInfo function in the libshare-0.0.26.so library of the LB-LINK router software is related to the lack of data cleaning measures at the management level when processing the parameters dns1 and dns2. Exploiting this vulnerability allows a remote attacker to execute...

CVE-2022-24144

Tenda AX3 v16.03.12.10CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters...

CVE-2021-40411

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 6 the dnsdata-dns2 variable, that has the value of the dns2 parameter provided through the SetLocalLink API, is not validated properly. This would lead to an OS...