← volver
CVE-2017-8116

CVE-2017-8116

EPSS 4.5%
The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/nettitude/metasploit-modules/blob/master/teltonika_add_user.rbhttps://github.com/nettitude/metasploit-modules/blob/master/teltonika_cmd_exec.rbhttps://labs.nettitude.com/blog/cve-2017-8116-teltonika-router-unauthenticated-remote-code-execution/