Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds. Exploitation can lead to full system compromise, including enabling remote access (e.g., enabling telnet).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
KuWFi 4G AC900 安全漏洞
Vulnerability Description
KuWFi 4G AC900是中国KuWFi公司的一款WiFi路由器。 KuWFi 4G AC900 1.0.13版本存在安全漏洞,该漏洞源于HTTP API端点存在命令注入,可能导致完全系统控制。
CVSS Information
N/A
Vulnerability Type
N/A