Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface's ping and traceroute functionality, specifically in the /web/um_ping_set.cgi endpoint. The application fails to properly sanitize user input in the `Ping_host_text` parameter before passing it to the underlying system command, allowing attackers to inject and execute arbitrary shell commands as the root user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nexxt Solutions NCM-X1800 命令注入漏洞
Vulnerability Description
Nexxt Solutions NCM-X1800是Nexxt Solutions公司的一款路由器。 Nexxt Solutions NCM-X1800 UV1.2.7及之前版本存在命令注入漏洞,该漏洞源于命令注入,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A