ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware prior to 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netcommwireless hspa_3g10wve_firmware 3g10wve-l101-s306ets-c01_r03 |