Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A command injection in the NTC2218, NTC2250, NTC2299 modems' web interfaces allows to exeucte arbitrary shell commands.
Vulnerability Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Newtec/iDirect NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM allows Local Code Inclusion.This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The `commit_multicast` page used to configure multicasts in the modem's web administration interface uses improperly parses incoming data from the request before passing it to an `eval` statement in a bash script. This allows attackers to inject arbitrary shell commands.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Newtec/iDirect NTC2218、Newtec/iDirect NTC2250和Newtec/iDirect NTC2299 操作系统命令注入漏洞
Vulnerability Description
Newtec/iDirect NTC2218等都是Newtec/iDirect公司的一款调制解调器。 Newtec/iDirect NTC2218、Newtec/iDirect NTC2250和Newtec/iDirect NTC2299存在操作系统命令注入漏洞,该漏洞源于对特殊元素的不当中和,导致操作系统命令注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A