4 matches found
VulnCheck KEV: CVE-2025-1448
A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...
CVE-2025-71284
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...
CVE-2025-71284 Synway SMG Gateway Management Software OS Command Injection via radius_address
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...
Synway SMG Gateway Management Software 注入漏洞
Synway SMG Gateway Management Software is a gateway management software from Synway. An injection vulnerability exists in Synway SMG Gateway Management Software 20250204 and prior versions, which stems from the parameter retry in file 9-12ping.php that can lead to command injection...