| Title | Raisecom Technology Co., Ltd. Raisecom Multi-Service Intelligent Gateway vpn_template_style.php Command Injection |
|---|---|
| Description | The /vpn/vpn_template_style.php interface in the Raisecom Multi-Service Intelligent Gateway is vulnerable to remote command execution. An attacker can exploit this vulnerability by crafting a malicious request parameter stylenum and injecting system commands using backticks (\`) or pipe symbols (\|). This bypasses security mechanisms, allowing the execution of arbitrary commands on the target device (e.g., writing files, executing system operations). The vulnerability can be exploited without authentication and affects multiple asset instances. Verified affected addresses include http://x.x.x.x and http://x.x.x.x:8090.<br>Complete Device Control: Attackers can execute arbitrary system commands, taking full control of the gateway device.<br>Data Leakage: Command injection can read sensitive configuration files, user credentials, or network topology information.<br>Service Disruption: Malicious commands may cause device reboots, service crashes, or configuration tampering.<br>Internal Network Penetration: Compromised devices can be used as a springboard to attack other internal systems, expanding the attack scope.<br>Compliance Risks: The vulnerability may violate the "Cybersecurity Law" or industry security standards, leading to legal liabilities. |
| Source | https://github.com/koishi0x01/CVE/blob/main/CVE_1.md |
| User | KOISH1 (UID 81283) |
| Submission | 2025-02-08 16:30 (1 year ago) |
| Moderation | 2025-02-21 08:00 (13 days later) |
| Status | Accepted |
| VulDB entry | 296476 [Raisecom Multi-Service Intelligent Gateway up to 20250208 Request Parameter vpn_template_style.php stylenum privilege escalation] |
| Points | 20 |