CVE-2024-25851 | Netis WF2780 2.1.40144 cgitest.cgi other_para config_sequence command injection

Posted by Angelo Barbosa | Feb 22, 2024 | CVE

A vulnerability has been found in Netis WF2780 2.1.40144 and classified as critical. Affected by this vulnerability is the function other_para of the file cgitest.cgi. The manipulation of the argument config_sequence leads to command injection.

This vulnerability is known as CVE-2024-25851. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-25851 | Netis WF2780 2.1.40144 cgitest.cgi other_para config_sequence command injection

Related Posts

CVE-2024-31283 | zorem Advanced Local Pickup for WooCommerce Plugin up to 1.6.2 on WordPress authorization

CVE-2023-49235 | TRENDnet TV-IP1314PI 5.5.3 200714 Debug Information libremote_dbg.so popen os command injection

CVE-2024-4349 | SourceCodester Pisay Online E-Learning System 1.0 /lesson/controller.php file unrestricted upload

CVE-2024-21920 | Rockwell Automation Arena Simulation up to 16.20.02 out-of-bounds