4 matches found
CVE-2025-56498
An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...
CVE-2025-56498
An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...
PLDT WiFi Router Prolink PGN6401V 安全漏洞
PLDT WiFi Router Prolink PGN6401V is a router from PLDT Philippines. A security vulnerability exists in PLDT WiFi Router Prolink PGN6401V Firmware version 8.1.2, which stems from insufficient cleanup of the pingAddr parameter in the ping6.asp page, which could lead to OS command injection...
CVE-2025-56498
The CVE-2025-56498 entry concerns the PLDT WiFi Router Prolink PGN6401V (Firmware 8.1.2) web management interface. The vulnerability resides in the ping6.asp page, where the pingAddr parameter is sent to /boaform/formPing6 without proper sanitization, enabling an authenticated attacker to inject ...