EUVD-2017-5515

Malware in sbrugna...

VulnCheck KEV: CVE-2011-5010

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

Authentication flaw

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator URL on the web server, a malicious user is able to access the application without authenticating...

CVE-2017-14000

CVE-2017-14000 affects Ctek SkyRouter Series 4200/4400 (all versions before V6.00.11). The vulnerability is an Improper Authentication that allows access to the web application without authenticating by hitting a specific URL. MITRE-style details from the provided sources indicate the impact as u...

Ctek SkyRouter Authentication Bypass Vulnerability

SkyRouter is a product from CTEK Sweden for managing wireless IP connections. An authentication bypass vulnerability exists in Ctek SkyRouter, which can be exploited by an attacker to bypass authentication restrictions and gain access to an application by accessing a specific Uniform Resource...

Ctek, Inc. SkyRouter

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ctek, Inc. Equipment: SkyRouter Vulnerability: Improper Authentication AFFECTED PRODUCTS The following versions of SkyRouter, a wireless and automation solution, are affected: SkyRouter Series 4200 and 4400 all versio...

CTEK SkyRouter 4200 and 4300 Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability

Ctek SkyRouter 4200 and 4300 series routers are prone to a remote arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...

Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability

Ctek SkyRouter 4200 and 4300 series routers are prone to a remote arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a...

CVE-2011-5010

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

Deserialization of untrusted data

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

CVE-2011-5010

apps/a3/cfgethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action...

CVE-2011-5010

CVE-2011-5010 affects Ctek SkyRouter 4200 and 4300 series routers. Affected component: apps/a3/cfg_ethping.cgi under action “u”, where remote attackers can inject shell metacharacters in the PINGADDRESS parameter to execute arbitrary commands. Public references note remote command execution with ...

CTEK SkyRouter 4200/4300 - Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'CTEK SkyRouter 42...

CTEK SkyRouter 4200 / 4300 Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'CTEK SkyRouter 42...

CTEK SkyRouter 4200 and 4300 Command Execution

Exploit for hardware platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

CTEK SkyRouter 4200 and 4300 Command Execution

This module exploits an unauthenticated remote root exploit within ctek SkyRouter 4200 and 4300. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CTEK SkyRouter 4200 and 4300 Command Execution',...