Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Belkin F9K1122 webs formBSSetSitesurvey os command injection
Vulnerability Description
A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument wan_ipaddr/wan_netmask/wan_gateway/wl_ssid is directly passed by the attacker/so we can control the wan_ipaddr/wan_netmask/wan_gateway/wl_ssid leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Belkin F9K1122 命令注入漏洞
Vulnerability Description
Belkin F9K1122是加拿大Belkin公司的一款WiFi信号扩展器。 Belkin F9K1122 1.00.33版本存在命令注入漏洞,该漏洞源于文件/goform/formBSSetSitesurvey中参数wan_ipaddr/wan_netmask/wan_gateway/wl_ssid的错误操作导致os命令注入。
CVSS Information
N/A
Vulnerability Type
N/A