cve/CVE-2017-6884.md at 9ac4b787af2fa0b7575b28040edee6199ce9a667

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.

POC

Reference

https://www.exploit-db.com/exploits/41782/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/MiracleAnameke/Cybersecurity-Vulnerability-and-Exposure-Report
https://github.com/Ostorlab/KEV
https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
https://github.com/oxMdee/Cybersecurity-Vulnerability-and-Exposure-Report

1.1 KiB Raw Blame History

CVE-2017-6884

Description

POC

Reference

Github

1.1 KiB

Raw Blame History