← voltar
CVE-2017-8116

CVE-2017-8116

EPSS 4.5%
The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/nettitude/metasploit-modules/blob/master/teltonika_add_user.rbhttps://github.com/nettitude/metasploit-modules/blob/master/teltonika_cmd_exec.rbhttps://labs.nettitude.com/blog/cve-2017-8116-teltonika-router-unauthenticated-remote-code-execution/