CVE ID: CVE-2018-11241 Description: Remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. Vulnerability Type: Incorrect Access Control Vendor of Product: SoftCase T-Router Affected Product Code Base: T-Router network component - Linux T-Router (build: 20112017) Affected Component: T-Router network component Attack Type: Remote Impact - Code Execution: True Impact - Escalation of Privileges: True Attack Vectors: Remote user can send specially crafted packet with encryption working key, extracted from device and got r/w arbitrary files on the device. Code execution after writing to the crontab file. Reference: https://www.facebook.com/neolead, https://ptsecurity.com Vendor Confirmation: True Discoverer: Leonid Krolle / George Zaytsev (Positive Technologies)