| Title | Adslr NBR1005GPEV2 250814-r037c Remote code execution |
|---|
| Description | This vulnerability originates from send_order.cgi, where the CGI-ELF retrieves parameters from requests and concatenates them into commands using the sprintf function without any filtering, allowing remote attackers to execute arbitrary commands without authorization through command separators. |
|---|
| Source | ⚠️ https://www.notion.so/2a70c75766a88023aa0ed833ff0239e1 |
|---|
| User | 2er00ne (UID 91682) |
|---|
| Submission | 11/10/2025 04:58 (7 months ago) |
|---|
| Moderation | 11/30/2025 14:58 (20 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 333811 [ADSLR NBR1005GPEV2 250814-r037c /send_order.cgi set_mesh_disconnect mac command injection] |
|---|
| Points | 15 |
|---|