| Titel | 北京神州数码云科信息技术有限公司 Dcme320 latest Command Injection |
|---|
| Beschreibung | There is a command execution vulnerability in the web management backend that allows attackers to exploit this series of vulnerabilities to execute arbitrary code and control the device.In the following code, when the action equals apply_config, the apply_config function will be called.
function\system\basic\bridge_cfg.php |
|---|
| Quelle | ⚠️ https://github.com/physicszq/Routers/tree/main/Dcme |
|---|
| Benutzer | physicszq (UID 76531) |
|---|
| Einreichung | 21.01.2026 12:22 (vor 5 Monaten) |
|---|
| Moderieren | 05.02.2026 18:18 (15 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 344548 [DCN DCME-320 bis 20260121 Web Management Backend bridge_cfg.php apply_config ip_list erweiterte Rechte] |
|---|
| Punkte | 19 |
|---|