Exploit for OS Command Injection in Gl-Inet Gl-Mt300N-V2_Firmware

🥭 MangoPunch: CVE-2022-31898 Authenticated OS Command Inje...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

VulnCheck KEV: CVE-2025-34033

An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the pingaddr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can...

CVE-2023-25280

OS Command injection vulnerability in D-Link DIR820LA1FW105B03 allows attackers to escalate privileges to root via a crafted payload with the pingaddr parameter to ping.ccp...

CVE-2022-34974

D-Link DIR810LA1FW102B22 was discovered to contain a command injection vulnerability via the Pingaddr function...

CVE-2024-51186

D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution RCE vulnerability via the pingaddr parameter in the pingv4 and pingv6 functions...

VulnCheck KEV: CVE-2023-25280

D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the pingaddr parameter to ping.ccp...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

Command injection

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

CVE-2022-34974

D-Link DIR810LA1FW102B22 was discovered to contain a command injection vulnerability via the Pingaddr function...

Command injection

D-Link DIR810LA1FW102B22 was discovered to contain a command injection vulnerability via the Pingaddr function...

CVE-2022-34974

CVE-2022-34974 affects D-Link DIR810LA1_FW102B22 firmware. The issue is a command injection vulnerability in the Ping_addr function, caused by insufficient input sanitization, enabling a remote attacker to execute arbitrary code. Exploitation details are not provided in the documents; no confirme...

CVE-2022-34974

D-Link DIR810LA1FW102B22 was discovered to contain a command injection vulnerability via the Pingaddr function...

TP-Link WR940N Remote Code Execution Vulnerability

The TP-Link WR940N is a SOHO wireless router. A remote code execution vulnerability exists in the TP-Link WR940N. The vulnerability can be exploited by a remote authenticated user to execute arbitrary code via the pingaddr parameter of PingIframeRpm.htm or the dnsserver2 parameter of...

CVE-2015-1187

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the pingaddr parameter to ping.ccp...