CVE-2018-0626

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter...

CVE-2018-0626

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter...

CVE-2018-20057

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter...

PT-2018-3890 · D Link · D-Link Dir-605L +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.06B1 D-Link DIR-605L version 2.12B1 Description: An issue was discovered in the /bin/boa component of D-Link DIR-619L and DIR-605L devices. The goform/formSysCmd endpoint allows remote authenticated users to execute...

Cambium Networks cnPilot Backdoor Access Elevation of Privilege Vulnerability

Cambium Networks cnPilot is a cloud-enabled managed single-band router product from Cambium Networks, USA. A security vulnerability exists in Cambium Networks cnPilot using firmware version 4.3.2-R4 and earlier. An attacker can exploit the vulnerability by accessing the web shell using the...

PT-2017-16427

Name of the Vulnerable Software and Affected Versions: Cambium Networks cnPilot firmware versions 4.3.2-R4 and prior Description: The issue concerns an undocumented, root-privilege administration web shell accessible via a specific HTTP path. This path is "https:///adm/syscmd.asp". Recommendation...