1 results (0.005 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2

Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by authenticated users, as demonstrated by the /boaform/formPing6 and /boaform/formTracert URIs for ping and traceroute. Intelbras WiFiber 120AC inMesh anterior a 1-1-220826 permite la inyección de comandos por parte de usuarios autenticados, como lo demuestran los URI /boaform/formPing6 y /boaform/formTracert para ping y traceroute. Intelbras WiFiber 120AC inMesh version 1.1-220216 suffers from an authenticated command injection vulnerability. • https://cyberdanube.com/en/authenticated-command-injection-in-intelbras-wifiber-120ac-inmesh https://seclists.org/fulldisclosure/2022/Dec/13 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •