| Title | Raisecom Technology Co., Ltd. Raisecom Multi-Service Intelligent Gateway vpn_template_style.php Command Injection |
|---|
| Description | The /vpn/vpn_template_style.php interface in the Raisecom Multi-Service Intelligent Gateway is vulnerable to remote command execution. An attacker can exploit this vulnerability by supplying a crafted value for the request parameter stylenum that injects system commands using backticks (`) or pipe symbols (|). This bypasses security mechanisms, allowing the execution of arbitrary commands on the target device (e.g., writing files, executing system operations). The vulnerability can be exploited without authentication and affects multiple asset instances. Verified affected addresses include http://x.x.x.x and http://x.x.x.x:8090.
Complete Device Control: Attackers can execute arbitrary system commands, taking full control of the gateway device.
Data Leakage: Command injection can read sensitive configuration files, user credentials, or network topology information.
Service Disruption: Malicious commands may cause device reboots, service crashes, or configuration tampering.
Internal Network Penetration: Compromised devices can be used as a springboard to attack other internal systems, expanding the attack scope.
Compliance Risks: The vulnerability may violate the "Cybersecurity Law" or industry security standards, leading to legal liabilities. |
|---|
| Source | https://github.com/koishi0x01/CVE/blob/main/CVE_1.md |
|---|
| User | KOISH1 (UID 81283) |
|---|
| Submission | 08/02/2025 16:30 (1 year ago) |
|---|
| Moderation | 21/02/2025 08:00 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 296476 [Raisecom Multi-Service Intelligent Gateway up to 20250208 Request Parameter vpn_template_style.php stylenum privilege escalation] |
|---|
| Points | 20 |
|---|
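
For triage, the added example below (not part of the original submission) scans web access logs for requests to /vpn/vpn_template_style.php whose stylenum value contains a backtick or pipe, including URL-encoded and double-encoded forms. It assumes an Apache/nginx "combined" log format and that the parameter appears in the query string; the submission does not state the HTTP method, so request bodies would need inspection at a proxy or WAF instead. The function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

TARGET_PATH = "/vpn/vpn_template_style.php"  # endpoint named in the advisory
PARAM = "stylenum"                           # parameter named in the advisory
METACHARS = ("`", "|")                       # characters the advisory says carry the injection

# Assumption: Apache/nginx "combined" access log; only client IP and request line are used.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_stylenum(line):
    """Return (client_ip, decoded_value) when stylenum carries a metacharacter, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if unquote(url.path).rstrip("/").lower() != TARGET_PATH:
        return None
    for name, value in parse_qsl(url.query, keep_blank_values=True):  # decodes once
        if name.lower() != PARAM:
            continue
        decoded = unquote(value)  # second pass catches double encoding (%2560, %257C)
        if any(c in value or c in decoded for c in METACHARS):
            return m.group("ip"), decoded
    return None

def scan(lines):
    """Collect every hit from an iterable of access-log lines."""
    return [hit for hit in map(suspicious_stylenum, lines) if hit]

# Constructed sample lines (documentation IP ranges; CMD is a placeholder, not a real payload).
SAMPLE_LOG = [
    '192.0.2.10 - - [08/Feb/2025:16:30:00 +0000] "GET /vpn/vpn_template_style.php?stylenum=3 HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [08/Feb/2025:16:31:02 +0000] "GET /vpn/vpn_template_style.php?stylenum=1%60CMD%60 HTTP/1.1" 200 0 "-" "-"',
    '198.51.100.8 - - [08/Feb/2025:16:31:09 +0000] "GET /vpn/vpn_template_style.php?stylenum=1%7CCMD HTTP/1.1" 200 0 "-" "-"',
    '198.51.100.9 - - [08/Feb/2025:16:31:15 +0000] "GET /vpn/vpn_template_style.php?stylenum=1%2560CMD%2560 HTTP/1.1" 200 0 "-" "-"',
    '192.0.2.11 - - [08/Feb/2025:16:32:00 +0000] "GET /index.php?q=a%7Cb HTTP/1.1" 200 90 "-" "-"',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"ALERT {ip} stylenum={value!r}")
```

Because the submission says no authentication is required, hits from any source address are relevant, not only those from logged-in sessions.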