/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phicomm k2\\(psg1218\\)_firmware 22.5.9.163 |