Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd
Vulnerability Description
SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the formSysCmd endpoint. Attackers can send POST requests with the sysCmd parameter containing shell commands to execute code on the device with router privileges.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
SAPIDO RB-1732 安全漏洞
Vulnerability Description
SAPIDO RB-1732是中国台湾SAPIDO公司的一个无线路由器。 SAPIDO RB-1732 V2.0.43版本存在安全漏洞,该漏洞源于formSysCmd端点存在远程命令执行,可能导致未经验证的攻击者执行任意系统命令。
CVSS Information
N/A
Vulnerability Type
N/A