Описание
The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-9118
- https://www.exploit-db.com/exploits/38453
- http://packetstormsecurity.com/files/133921/Zhone-Insecure-Reference-Password-Disclosure-Command-Injection.html
- http://seclists.org/fulldisclosure/2015/Oct/57
- http://www.securityfocus.com/archive/1/536663/100/0/threaded
Связанные уязвимости
CVSS3: 8.8
nvd
больше 8 лет назад
The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.