Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GL.INET 多款产品安全漏洞
Vulnerability Description
GL.iNet MT1300等都是中国GL.iNet公司的产品。GL.iNet MT1300是一款路由器。GL.iNet MT300N-V2是一款迷你路由器。GL.iNet AR750S是一款路由器。 GL.INET 多款产品存在安全漏洞,该漏洞源于logread模块中的get_system_log和get_crash_log函数,以及upgrade模块中的upgrade_online函数中可以通过 API 使用 Shell 元字符注入,允许通过外部提供的参数执行shell命令,从而实现对相关产品的控制。
CVSS Information
N/A
Vulnerability Type
N/A