Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MitraStar GPT-2541GNAC Firewall Settings Page settings-firewall.cgi os command injection
Vulnerability Description
A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1.11(WVK.0)b26. Affected is an unknown function of the file /cgi-bin/settings-firewall.cgi of the component Firewall Settings Page. The manipulation of the argument SrcInterface leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. We tried to contact the vendor early about the disclosure but the official mail address was not working properly.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
MitraStar GPT-2541GNAC 操作系统命令注入漏洞
Vulnerability Description
MitraStar GPT-2541GNAC是中国盟创(MitraStar)公司的一款路由器。 MitraStar GPT-2541GNAC存在操作系统命令注入漏洞,该漏洞源于/cgi-bin/settings-firewall.cgi的Firewall Settings Page组件包含一个命令注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A