Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Netgear RAX30 安全漏洞
Vulnerability Description
NETGEAR RAX30是美国网件(NETGEAR)公司的一个双频无线路由器。 Netgear RAX30 V1.0.10.94版本存在安全漏洞,该漏洞源于PHP-FPM配置不当,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A