Описание
A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input validation allows unauthenticated attackers to execute arbitrary OS commands. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-25 UTC.
Ссылки
EPSS
Процентиль: 58%
0.00368
Низкий
Дефекты
CWE-78
Связанные уязвимости
github
8 месяцев назад
A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input validation allows unauthenticated attackers to execute arbitrary OS commands.
EPSS
Процентиль: 58%
0.00368
Низкий
Дефекты
CWE-78