CVE-2019-25289

SmartLiving SmartLAN =6.x contains an authenticated remote command injection vulnerability in the web.cgi binary through the 'par' POST parameter with the 'testemail' module. Attackers can exploit the unsanitized parameter and system function call to execute arbitrary system commands with root...

CVE-2019-25289

Affected software: Inim SmartLiving SmartLAN (SmartLAN/G/SI) versions 6.x and earlier. Vulnerability: authenticated remote command injection in the web.cgi binary via an unsanitized 'par' POST parameter in the 'testemail' module, allowing execution of arbitrary system commands with root privilege...

CVE-2019-25289

SmartLiving SmartLAN =6.x contains an authenticated remote command injection vulnerability in the web.cgi binary through the 'par' POST parameter with the 'testemail' module. Attackers can exploit the unsanitized parameter and system function call to execute arbitrary system commands with root...

PT-2026-1681

Name of the Vulnerable Software and Affected Versions SmartLiving SmartLAN versions 6.x and earlier Description SmartLiving SmartLAN contains a remote command injection issue in the web.cgi binary. The issue is due to an unsanitized par POST parameter within the 'testemail' module. An attacker ca...

CVE-2020-21992

Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...