CVE-2025-71284 | Synway SMG Gateway Management Software 2025-07-11 RADIUS Configuration Endpoint /en/9-2radius.php os command injection

A vulnerability, which was classified as critical, has been found in Synway SMG Gateway Management Software 2025-07-11. The affected element is an unknown function of the file /en/9-2radius.php of the component RADIUS Configuration Endpoint. Performing a manipulation of the argument radius_address/radius_address2/shared_secret2/source_ip/timeout/retry results in os command injection.

This vulnerability was named CVE-2025-71284. The attack may be initiated remotely. There is no available exploit.

CVE-2025-71284 | Synway SMG Gateway Management Software 2025-07-11 RADIUS Configuration Endpoint /en/9-2radius.php os command injection

Post correlati

CVE-2025-4505 | PHPGurukul Apartment Visitors Management System 1.0 /category.php categoryname sql injection

CVE-2023-51068 | QStar Archive Solutions 3-0 Build 7 Link cross site scripting

CVE-2024-2584 | Amssplus AMSS++ 4.31 select_send.php sd_index sql injection

CVE-2024-47943 | Rittal IoT Interface/CMC III Processing Unit prior 6.21.00.2 Firmware Upgrade run.sh signature verification