Enviar #446639: EnGenius ENS500-AC 3.7.20 Command Injectioninformación

Título	EnGenius ENS500-AC 3.7.20 Command Injection
Descripción	Engenius multiple devices /admin/network/diag_ping6 interface has a command injection vulnerability, after the user logs in to the device, the diag_ping6 parameters command injection, the final system can successfully execute the command, can directly obtain system permissions.
Fuente	⚠️ https://k9u7kv33ub.feishu.cn/wiki/FBJCwjFPZiY4aakElh6cwF25nff
Usuario	liutong (UID 76264)
Sumisión	2024-11-18 14:25 (hace 2 años)
Moderación	2024-11-24 16:14 (6 days later)
Estado	Aceptado
Entrada de VulDB	285977 [EnGenius ENH1350EXT/ENS500-AC/ENS620EXT hasta 20241118 diag_ping6 escalada de privilegios]
Puntos	18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!