Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Compal CH7465LG 操作系统命令注入漏洞
Vulnerability Description
Compal CH7465LG是中国台湾仁宝电脑工业(Compal)公司的一款无线路由器。 Compal CH7465LG 6.12.18.25-2p4版本中的Common Gateway Interface的setter.xml组件存在安全漏洞,该漏洞源于程序没有正确验证ping命令参数。远程攻击者可借助‘Target_IP’参数中的shell元字符利用该漏洞执行操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A