| Titel | Multilaser Sirius RE016 MLT1.0 Authentication Bypass |
|---|
| Beschreibung | This vulnerability allows a remote attacker to change the administrator password on the Multilaser Sirius RE016 router without authentication via the /cgi-bin/cstecgi.cgi endpoint. This enables full control over the device, compromising network security and allowing persistence and privilege escalation attacks. |
|---|
| Quelle | ⚠️ https://github.com/DefaultCh40s/RE016/blob/main/re016.py |
|---|
| Benutzer | DefaultCh40s (UID 85145) |
|---|
| Einreichung | 24.05.2025 22:30 (vor 1 Jahr) |
|---|
| Moderieren | 01.06.2025 13:11 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 310770 [Multilaser Sirius RE016 MLT1.0 Password Change /cgi-bin/cstecgi.cgi schwache Authentisierung] |
|---|
| Punkte | 17 |
|---|