Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command injection vulnerability in Comtrend router
Vulnerability Description
Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability could allow an authenticated user to execute commands inside the router by making a POST request to the URL “/boaform/admin/formUserTracert”.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Comtrend router WLD71-T1 操作系统命令注入漏洞
Vulnerability Description
Comtrend router WLD71-T1是中国康全电讯(Comtrend)公司的一个路由器。 Comtrend Router WLD71-T1 v2.0.201820 版本存在操作系统命令注入漏洞,该漏洞源于容易受到命令注入影响,可能允许经过身份验证的用户通过发出POST请求来在路由器内部执行命令。
CVSS Information
N/A
Vulnerability Type
N/A