cve/2024/CVE-2024-25851.md

CVE-2024-25851

Description

Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the config_sequence parameter in other_para of cgitest.cgi.

POC

Reference

• https://github.com/no1rr/Vulnerability/blob/master/netis/igd_wps_set_wps_ap_ssid5g.md
• https://github.com/no1rr/Vulnerability/blob/master/netis/igd_wps_set_wps_ap_ssid5g.md
• https://github.com/no1rr/Vulnerability/blob/master/netis/other_para_config_sequence.md
• https://github.com/no1rr/Vulnerability/blob/master/netis/other_para_config_sequence.md

Github

• https://github.com/fkie-cad/nvd-json-data-feeds