Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_password` request parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Planet WGR-500 安全漏洞
Vulnerability Description
Planet WGR-500是中国台湾Planet公司的一个WiFi路由器。 Planet WGR-500 v1.3411b190912版本存在安全漏洞,该漏洞源于new_password请求参数操作不当,可能导致任意命令执行。
CVSS Information
N/A
Vulnerability Type
N/A