CVE-2022-29337 PoC — C-DATA FD702XW-X-R430 操作系统命令注入漏洞

Source

Associated Vulnerability

Description

C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.

Readme

# CVE-2022-29337
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.

File Snapshot

 [4.0K]  /data/pocs/cdea9bb8a97dfe51408cae6620f496147a00e1f7
├── [4.3K]  exploit_lanipv6.py
├── [ 247]  README.md
└── [1.5K]  reverse_shell_mipsle.c

0 directories, 3 files

Remarks