提交 #603669: Belkin F9K1122 1.00.33 OS Command Injection信息

标题Belkin F9K1122 1.00.33 OS Command Injection
描述We found an Command Injection vulnerability in Belkin router with firmware which was released recently, allows remote attackers to execute arbitrary OS commands from a crafted request.In formSetWanStatic function, m_wan_ipaddr、m_wan_netmask、m_wan_gateway、m_wan_staticdns1、m_wan_staticdns2 is directly passed by the attacker, so we can control the m_wan_ipaddr、m_wan_netmask、m_wan_gateway、m_wan_staticdns1、m_wan_staticdns2 to attack the OS.
来源⚠️ https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_1/1.md
用户
 Bond (UID 87064)
提交2025-06-25 08時44分 (10 月前)
管理2025-07-05 17時25分 (10 days later)
状态已接受
VulDB条目314995 [Belkin F9K1122 1.00.33 webs /goform/formSetWanStatic 权限提升]
积分20

上一步一览下一步

Want to know what is going to be exploited?

We predict KEV entries!