CVE-2020-21935

A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
References
Link Resource
https://github.com/cc-crack/router/blob/master/motocx2.md Exploit Third Party Advisory
https://l0n0l.xyz/post/motocx2/ Exploit Third Party Advisory
https://github.com/cc-crack/router/blob/master/motocx2.md Exploit Third Party Advisory
https://l0n0l.xyz/post/motocx2/ Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:motorola:cx2_firmware:1.0.2:build_20190508:*:*:*:*:*:*
cpe:2.3:h:motorola:cx2:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:12

Type Values Removed Values Added
References () https://github.com/cc-crack/router/blob/master/motocx2.md - Exploit, Third Party Advisory () https://github.com/cc-crack/router/blob/master/motocx2.md - Exploit, Third Party Advisory
References () https://l0n0l.xyz/post/motocx2/ - Exploit, Third Party Advisory () https://l0n0l.xyz/post/motocx2/ - Exploit, Third Party Advisory

Information

Published : 2021-07-21 15:15

Updated : 2024-11-21 05:12


NVD link : CVE-2020-21935

Mitre link : CVE-2020-21935

CVE.ORG link : CVE-2020-21935


JSON object : View

Products Affected

motorola

  • cx2_firmware
  • cx2
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')