Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Netcore POWER13 Query String cgi-bin command injection
Vulnerability Description
A vulnerability, which was classified as critical, was found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2, NBR200V2 and POWER13 up to 20250508. This affects an unknown part of the file /www/cgi-bin/ of the component Query String Handler. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Netcore多款产品 注入漏洞
Vulnerability Description
Netcore NBR1005GPEV2等都是中国磊科(Netcore)公司的产品。Netcore NBR1005GPEV2是一个全千兆多WAN口POE供电企业AP管理多功能有线路由器。Netcore B6V2是一款全千兆无线路由器。Netcore COVER5是一款企业级路由器。 Netcore多款产品存在注入漏洞,该漏洞源于对文件/www/cgi-bin/的错误操作导致命令注入。以下产品及版本受到影响:NBR1005GPEV2、B6V2、COVER5、NAP830、NAP930、NBR100V2、NB
CVSS Information
N/A
Vulnerability Type
N/A