0x01 Vulnerability description

an issue was discovered on WAVLINK AERIAL X 1200M devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time

0x02 Affected version

WAVLINK AERIAL X 1200M

0x03 Vulnerability

In adm.cgi, the received POST is directly spliced to the system function for execution

0x04 PoC verification

0x05 Acknowledgement

PeiWen.Huang

Yuyu.Cao

Shengjie.Xu

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AERIAL X 1200_Command Execution Vulnerability.md

AERIAL X 1200_Command Execution Vulnerability.md

0x01 Vulnerability description

0x02 Affected version

0x03 Vulnerability

0x04 PoC verification

0x05 Acknowledgement

Files

AERIAL X 1200_Command Execution Vulnerability.md

Latest commit

History

AERIAL X 1200_Command Execution Vulnerability.md

File metadata and controls

0x01 Vulnerability description

0x02 Affected version

0x03 Vulnerability

0x04 PoC verification

0x05 Acknowledgement