| 제목 | 北京神州数码云科信息技术有限公司 Dcme320 latest Command Injection |
|---|
| 설명 | There is a command execution vulnerability in the web management backend that allows attackers to exploit this series of vulnerabilities to execute arbitrary code and control the device.In the following code, when the action equals apply_config, the apply_config function will be called.
function\system\basic\bridge_cfg.php |
|---|
| 원천 | ⚠️ https://github.com/physicszq/Routers/tree/main/Dcme |
|---|
| 사용자 | physicszq (UID 76531) |
|---|
| 제출 | 2026. 01. 21. PM 12:22 (5 개월 ago) |
|---|
| 모더레이션 | 2026. 02. 05. PM 06:18 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 344548 [DCN DCME-320 까지 20260121 Web Management Backend bridge_cfg.php apply_config ip_list 권한 상승] |
|---|
| 포인트들 | 19 |
|---|