CVE-2022-42484

An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability...

FreshTomato 路径遍历漏洞

FreshTomato is a Linux-based open source firmware from FreshTomato Open Source. The firmware provides a variety of features for Broadcom-based routers. A security vulnerability exists in FreshTomato version 2022.5, which stems from its httpd update.cgi function that allows an attacker to cause...

FreshTomato 操作系统命令注入漏洞

FreshTomato is a Linux-based open source firmware from FreshTomato Open Source. The firmware provides a variety of features for Broadcom-based routers. A security vulnerability exists in FreshTomato version 2022.5 that stems from the presence of operating system command injection, which can be...

PT-2023-13604 · Unknown · Freshtomato

Name of the Vulnerable Software and Affected Versions: FreshTomato version 2022.5 Description: A directory traversal issue exists in the httpd update.cgi functionality. This allows an attacker to send a specially crafted HTTP request, potentially leading to arbitrary file read. Recommendations: F...