2 matches found
CVE-2021-20138
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to th...
Gryphon Tower 操作系统命令注入漏洞
The Gryphon Tower is a wireless router from Gryphon. The Gryphon Tower suffers from a command injection vulnerability that originates from unauthenticated command injections in multiple parameters in the web interface of /cgi-bin/luci/rc, which can be exploited by an attacker to send a crafted...