2 matches found
CVE-2024-53945
The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds...
CVE-2024-53945
The CVE-2024-53945 entry concerns the KuWFi 4G AC900 LTE router (version 1.0.13). The vulnerability is a command injection in the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can inject shell metacharacters into parameters such as pincode and cmds to...