| Название | 北京神州数码云科信息技术有限公司 Dcme320 latest Command Injection |
|---|
| Описание | There is a command execution vulnerability in the web management backend that allows attackers to exploit this series of vulnerabilities to execute arbitrary code and control the device.In the following code, when the action equals apply_config, the apply_config function will be called.
function\system\basic\bridge_cfg.php |
|---|
| Источник | ⚠️ https://github.com/physicszq/Routers/tree/main/Dcme |
|---|
| Пользователь | physicszq (UID 76531) |
|---|
| Представление | 21.01.2026 12:22 (5 месяцы назад) |
|---|
| Модерация | 05.02.2026 18:18 (15 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 344548 [DCN DCME-320 до 20260121 Web Management Backend bridge_cfg.php apply_config ip_list эскалация привилегий] |
|---|
| Баллы | 19 |
|---|