Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2020-24365

Published: 24/09/2020 Updated: 28/04/2022
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

An issue exists on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated malicious user to execute a command directly on the target machine. Commands are executed as the root user (uid 0). (Even if a login is required, most routers are left with default credentials.)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gemteks wrtm-127acn_firmware 01.01.02.141

gemteks wrtm-127x9_firmware 01.01.02.127

Exploits

Exploit DB: Gemtek WVRTM-127ACN 01.01.02.141 Command Injection
Gemtek WVRTM-127ACN version 010102141 suffers from an authentication arbitrary command injection vulnerability ...

References

CWE-78CWE-1188https://pastebin.com/QTev1TjMhttp://packetstormsecurity.com/files/160136/Gemtek-WVRTM-127ACN-01.01.02.141-Command-Injection.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/160136/Gemtek-WVRTM-127ACN-01.01.02.141-Command-Injection.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223CVE-2024-0044information disclosureCVE-2024-35753HTML injectionCVE-2024-21306CVE-2024-35733SQL injectionCVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook