1 results (0.002 seconds)

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1

The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter. La implementación de diagnostic-ping en dispositivos ZyXEL PMG5318-B20A con firmware anterior a 1.00(AANC.2)C0 permite a atacantes remotos ejecutar comandos arbitrarios a través del parámetro PingIPAddr. ZyXEL PMG5318-B20A suffers from a command injection vulnerability via the ping function. • https://www.exploit-db.com/exploits/38455 http://www.securitytracker.com/id/1034553 https://www.kb.cert.org/vuls/id/870744 https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R • CWE-264: Permissions, Privileges, and Access Controls •