A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to twonky_command.cgi.
References
Link | Resource |
---|---|
https://www.tenable.com/security/research/tra-2018-08 | Exploit Third Party Advisory |
https://www.tenable.com/security/research/tra-2018-08 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.tenable.com/security/research/tra-2018-08 - Exploit, Third Party Advisory |
Information
Published : 2018-04-19 13:29
Updated : 2024-11-21 03:59
NVD link : CVE-2018-1143
Mitre link : CVE-2018-1143
CVE.ORG link : CVE-2018-1143
JSON object : View
Products Affected
belkin
- n750
- n750_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')