Описание
A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). The input is passed directly to system-level commands without sanitation, enabling unauthenticated attackers to achieve root-level code execution.
EPSS
Процентиль: 85%
0.02672
Низкий
Дефекты
CWE-78
Связанные уязвимости
github
6 месяцев назад
A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). The input is passed directly to system-level commands without sanitation, enabling unauthenticated attackers to achieve root-level code execution.
EPSS
Процентиль: 85%
0.02672
Низкий
Дефекты
CWE-78