N/A

Command injection vulnerability in PLANEX COMMUNICATIONS wireless LAN routers allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port. Note that MZK-MF300N is no longer supported, therefore the update for this product is not provided.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

在命令中使用的特殊元素转义处理不恰当(命令注入)

Planex MZK-MF300N 安全漏洞

Planex MZK-MF300N是日本Planex公司的一个世界最小级的无线 LAN 多口袋路由器。 Planex MZK-MF300N 存在安全漏洞。攻击者利用该漏洞通过向特定端口发送特制请求来执行任意命令。

N/A

N/A