Lucene search
RootSSV:91442HistoryMay 04, 2016 - 12:00 a.m.
NetCommWireless HSPA 3G10WVE 命令执行漏洞
2016-05-0400:00:00
Root
www.seebug.org
15
0.008 Low
EPSS
Percentile
82.0%
Below listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network.
- Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023
- Command injection vulnerability - CVE-2016-6024
Vulnerable module/page/application: ping.cgi
Vulnerable parameter: DIA_IPADDRESS
PoC URL: http(s)://<victim_IP>/ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd
Related
packetstorm
packetstorm
NetCommWireless HSPA 3G10WVE Authentication Bypass / Code Execution
2016-05-03 00:00:00
exploitpack
exploitpack
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities
2016-05-04 00:00:00
exploitdb
exploitdb
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities
2016-05-04 00:00:00
cvelist
cvelist
CVE-2016-6024
2017-11-16 00:00:00
CVE-2015-6023
2017-02-09 15:00:00
cve
cve
CVE-2016-6024
2017-11-27 21:29:00
CVE-2015-6023
2017-02-09 15:59:00
prion
prion
Information disclosure
2017-11-27 21:29:00
Command injection
2017-02-09 15:59:00
nvd
nvd
CVE-2016-6024
2017-11-27 21:29:00
CVE-2015-6023
2017-02-09 15:59:00
zdt
zdt
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities
2016-05-04 00:00:00
