The web console for Mimosa B5, B5c, and C5x firmware up to and including 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mimosa b5_firmware |
||
mimosa b5c_firmware |
||
mimosa c5c_firmware |