67 matches found
EUVD-2021-12695
Malware in sbrugna...
CVE-2021-30233
The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptvvlan parameter...
CVE-2021-30234
The api/ZRIGMP/setMLDPROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the MLDPROXYWANCONNECT parameter...
CVE-2021-25812
Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/setonlineclient...
CVE-2021-30228
The api/ZRAndlink/setZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iandlinkprocenable parameter...
CVE-2021-33965
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33965
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
Command injection
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33964
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33964
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
Command injection
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33965
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33965
CVE-2021-33965 affects China Mobile An Lianbao WF-1 V1.0.1 router. The web interface at /api/ZRMesh/set_ZRMesh processes POST parameters mesh_enable and mesh_device and can be abused to perform command injection, enabling remote command execution. This is described across multiple feeds (NVD/Red ...
CVE-2021-33964
CVE-2021-33964 affects the China Mobile An Lianbao WF-1 router (V1.0.1). The issue is a command injection in the web interface endpoint /api/ZRRuleFilter/set_firewall_level, where POSTing the firewall_level parameter can lead to remote command execution. Documented details identify the vulnerable...
CVE-2021-33964
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
China Mobile An Lianbao WF-1 router命令注入漏洞
China Mobile An Lianbao WF-1 router is a router from China Mobile China. A security vulnerability exists in China Mobile An Lianbao WF-1 V1.0.1, which can be exploited by an attacker to execute remote commands...
China Mobile An Lianbao WF-1 router 命令注入漏洞
China Mobile An Lianbao WF-1 router is a router from China Mobile China. A security vulnerability in China Mobile An Lianbao WF-1 router V1.0.1 can be exploited by an attacker to execute remote commands...
CVE-2021-33963
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/macaddrclone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
CVE-2021-33963
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/macaddrclone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...
Command injection
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/macaddrclone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...