Submit #382470: Alien Technology ALR-F800 19.10.24.00 and lower OS Command Injectioninfo

TitleAlien Technology ALR-F800 19.10.24.00 and lower OS Command Injection
DescriptionALR-F800 is a high-performance RFID reader and features Gatescape web interface. A vulnerability exists in /var/www/cgi-bin/upgrade.cgi. An attacker can execute system commands by crafting a malicious filename.
Source⚠️ https://github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md
User
 PushEAX (UID 54708)
Submission07/30/2024 03:03 (2 years ago)
Moderation08/07/2024 08:38 (8 days later)
StatusAccepted
VulDB entry273859 [Alien Technology ALR-F800 up to 19.10.24.00 File Name upgrade.cgi popen uploadedFile os command injection]
Points16

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!