Netis WF2471 v1.2.30142 devices allow an authenticated malicious user to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netis-systems wf2471_firmware 1.2.30142 |