EUVD-2025-209597

Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...

The vulnerability of the UnlockGateway method in the software for managing and monitoring remote devices in telemetering and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the UnlockGateway method in software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

CVE-2025-1448 Synway SMG Gateway Management Software 9-12ping.php command injection

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...

Synway SMG Gateway Management Software 注入漏洞

Synway SMG Gateway Management Software is a gateway management software from Synway. An injection vulnerability exists in Synway SMG Gateway Management Software 20250204 and prior versions, which stems from the parameter retry in file 9-12ping.php that can lead to command injection...

Weak password vulnerability in gateway management software of Hangzhou Sanhui Information Engineering Co.

Hangzhou Sanhui Information Engineering Co., Ltd. is specializing in the field of computer communications integration CTI, focusing on the production and development of voice products and applications in various industries, is the earliest in the country engaged in the development of voice...