CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
CERIO router Authenticated RCE (backdoor vendor creds) CVE-2018-18852 Python PoC hook-s3c (githubcom/andripwn), @andripwn on twitter Working Python PoC for CVE-2018-18852, originally appearing on; githubcom/andripwn/CVE-2018-18852 What's up CERIO Router models and variants of, DT300N, DT100G, AMR-3204, WMR-200N are vulnerable to an authenticated web-based RCE as