CVE-2019-10656 in GWN7000
摘要
由 MITRE
Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply update_nds_webroot_from_tmp API call.
If you want to get best quality of vulnerability data, you may have to visit VulDB.