Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Juplink RX4-1500 Command Injection Vulnerability
Vulnerability Description
Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Juplink RX4-1500 命令注入漏洞
Vulnerability Description
Juplink RX4-1500是Juplink公司的一款无线路由器。 Juplink RX4-1500 Wifi router存在安全漏洞,该漏洞源于homemng.htm端点存在命令注入漏洞。攻击者可利用该漏洞发送特制的HTTP请求以root身份执行任意命令。受影响的产品和版本:Juplink RX4-1500 Wifi router firmware 1.0.2版本,1.0.3版本,1.0.4版本,1.0.5版本。
CVSS Information
N/A
Vulnerability Type
N/A