Invia #383846: edimax IC-5150W 3.10 command injectioninformazioni

Titoloedimax IC-5150W 3.10 command injection
Descrizioneedimax IC-5150W has command injection vulnerability in ipcam_cgi.The program receives the value of the host field through the cgiFormString function, concatenates it into a formatted string using the sprintf function, and finally executes a system command using the system function. Since the attacker's input is not filtered, any command can be executed.
Fonte⚠️ https://yjz233.notion.site/edimax-IC-5150W-has-command-injection-vulnerability-in-ipcam_cgi-cc72c7b7e2f24ba6a6609b6fcf78df34?pvs=4
Utente
 jylsec (UID 60282)
Sottomissione31/07/2024 15:38 (2 anni fa)
Moderazione08/08/2024 16:37 (8 days later)
StatoDuplicato
Voce VulDB273986 [Edimax IC-6220DC/IC-5150W fino a 3.06 ipcam_cgi cgiFormString host escalationi di privilegi]
Punti0

PrecedenteVisione D'ensembleIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!