Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteSettings API function, as demonstrated by shell metacharacters in the staticroute_list field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Motorola C1和Motorola M2 操作系统命令注入漏洞
Vulnerability Description
Motorola C1和Motorola M2都是美国摩托罗拉(Motorola)公司的一款智能手机。 使用1.01版本固件的Motorola C1和使用1.07版本固件的Motorola M2中存在操作系统命令注入漏洞。远程攻击者可借助特制的请求利用该漏洞执行任意的操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A