Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

chinamobile an lianbao wf-1 firmware 1.0.1 vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3

CVE-2021-30233

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the iptv_vlan parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
8.8
CVSSv3

CVE-2021-33964

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/set_firewall_level which receives parameters by POST request, and the parameter firewall_level has a command injection vulnerability. An attacker can use the vulnerability to execute remote comm...
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
9.8
CVSSv3

CVE-2021-33963

China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
8.8
CVSSv3

CVE-2021-33965

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/set_ZRMesh which receives parameters by POST request, and the parameter mesh_enable and mesh_device have a command injection vulnerability. An attacker can use the vulnerability to execute remote comm...
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
9.8
CVSSv3

CVE-2021-30232

The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the IGMP_PROXY_WAN_CONNECT parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
9.8
CVSSv3

CVE-2021-30228

The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the iandlink_proc_enable parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
8.8
CVSSv3

CVE-2021-30229

The api/zrDm/set_zrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the dm_enable, AppKey, or Pwd parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
9.8
CVSSv3

CVE-2021-30230

The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the zonename parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
9.8
CVSSv3

CVE-2021-30234

The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the MLD_PROXY_WAN_CONNECT parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
9.8
CVSSv3

CVE-2021-30231

The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elink_proc_enable parameter.
Chinamobile An Lianbao Wf-1 Firmware 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCPCVE-2024-4577CVE-2024-2695CVE-2024-31870injectionCVE-2024-3813arbitrary codeCVE-2024-27801CVE-2024-30120
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook