2 matches found
CVE-2021-36705
In ProLink PRC2402M V1.0.18 and older, the setTR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069localport parameter is passed directly to system...
ProLink PRC2402M Command Injection Vulnerability (CNVD-2021-68446)
ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setTR069 function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the TR069localport...