An issue exists on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated malicious user to execute a command directly on the target machine. Commands are executed as the root user (uid 0). (Even if a login is required, most routers are left with default credentials.)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gemteks wrtm-127acn_firmware 01.01.02.141 |
||
gemteks wrtm-127x9_firmware 01.01.02.127 |