Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code Execution (RCE) due to improper input validation on the /cgi-bin/net_ping.cgi endpoint. An attacker can exploit this vulnerability by sending a specially crafted GET request with a malicious parameter to inject arbitrary commands. These commands are executed with root privileges, allowing attackers to gain full control over the device. This poses a significant security risk to any device running this software.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QVidium Opera11 安全漏洞
Vulnerability Description
QVidium Opera11是美国QVidium公司的一个广播编解码设备。 QVidium Opera11 2.9.0-Ax4x-opera11版本存在安全漏洞,该漏洞源于/cgi-bin/net_ping.cgi端点输入验证不当,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A