14 matches found
GenieACS => 1.2.8 - OS Command Injection
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check. id: CVE-2021-46704 info:...
EUVD-2025-209276
In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint...
Exploit for CVE-2025-56015
CVE-2025-56015 GenieACS RCE !Authorhttps://img.shields.i...
Exploit for OS Command Injection in Genieacs
OS Command Injection in GenieACS CVE-2021-46704 CVE-2021-46704...
Exploit for OS Command Injection in Genieacs
CVE-2021-46704-POC CVE-2021-46704 GenieACS Command Injection P...
GenieACS OS Command Injection Vulnerability
GenieACS is a high-performance automatic configuration server ACS for remote management of TR-069-enabled devices. GenieACS is vulnerable to an OS command injection vulnerability, which stems from inadequate input validation and lack of authorization checks, and can be exploited by attackers to...
OS Command Injection
genieacs is vulnerable to OS command injection. An attacker is able to inject malicious OS command via the ping host argument of lib/ui/api.ts and lib/ping.ts because it does not escape the argument and does not properly perform authorization check...
OS Command Injection in GenieACS
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check...
GHSA-2877-693Q-PJ33 OS Command Injection in GenieACS
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check...
CVE-2021-46704
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check...
CVE-2021-46704
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check...
Command injection
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check...
CVE-2021-46704
CVE-2021-46704 – GenieACS : In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument in lib/ui/api.ts and lib/ping.ts. The root cause is insufficient input validation combined with a missing authorization check. This can...
CVE-2021-46704
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check...