| عنوان | 北京神州数码云科信息技术有限公司 Dcme320 latest Command Injection |
|---|
| الوصف | There is a command execution vulnerability in the web management backend that allows attackers to exploit this series of vulnerabilities to execute arbitrary code and control the device.In the following code, when the action equals apply_config, the apply_config function will be called.
function\system\basic\bridge_cfg.php |
|---|
| المصدر | ⚠️ https://github.com/physicszq/Routers/tree/main/Dcme |
|---|
| المستخدم | physicszq (UID 76531) |
|---|
| ارسال | 21/01/2026 12:22 PM (5 أشهر منذ) |
|---|
| الاعتدال | 05/02/2026 06:18 PM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 344548 [DCN DCME-320 حتى 20260121 Web Management Backend bridge_cfg.php apply_config ip_list تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|