Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters, successful use can obtain management rights. This affects: ZXV10 W908 all versions before MIPS_A_1022IPV6R3T6P7Y20.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zxelink Wireless Controller SQL注入漏洞
Vulnerability Description
Zxelink Wireless Controller是中国中兴易联(Zxelink)公司的一款用于运营级别的无线路由器。 ZXELINK wireless controller存在SQL注入漏洞,远程攻击者可利用该漏洞不需要登录。通过发送恶意SQL语句,因为设备没有正确地过滤参数,成功使用可以获得管理权限。以下产品及版本受到影响:ZXV10 W908所有版本及MIPS_A_1022IPV6R3T6P7Y20之前版本。
CVSS Information
N/A
Vulnerability Type
N/A