| Title | edimax IC-6220DC 3.06 command injection |
|---|
| Description | edimax IC-6220DC has command injection vulnerability in ipcam_cgi.The program receives the value of the host field through the cgiFormString function, concatenates it into a formatted string using the sprintf function, and finally executes a system command using the system function. Since the attacker's input is not filtered, any command can be executed. |
|---|
| Source | ⚠️ https://yjz233.notion.site/edimax-IC-6220DC-has-command-injection-vulnerability-in-ipcam_cgi-2029d67721f2473b8cfce5e286a70307?pvs=4 |
|---|
| User | jylsec (UID 60282) |
|---|
| Submission | 07/31/2024 15:37 (2 years ago) |
|---|
| Moderation | 08/08/2024 16:37 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 273986 [Edimax IC-6220DC/IC-5150W up to 3.06 ipcam_cgi cgiFormString host command injection] |
|---|
| Points | 16 |
|---|