CVE-2026-36540

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skkset.cgi endpoint. The password and newpwdconfirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

PT-2026-43707

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skk set.cgi endpoint. The password and new pwd confirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

Netis AC1200 安全漏洞

The Netis AC1200 is a series of dual-band wireless broadband routers produced by the Chinese company Netis. The Netis AC1200 V4.0.1.4296 version contains a security vulnerability. This vulnerability stems from the POST parameters “password” and “newpwdconfirm” being passed directly to the...

Netis Systems多款产品 安全漏洞

Netis Systems NX10 and others are a wireless dual-band gigabit router from Netis Systems. A security vulnerability exists in various Netis Systems products. An attacker can exploit the vulnerability to obtain sensitive information through the endpoint /cgi-bin/skkset.cgi and the binary file...