CVE-2021-37289

CVE-2021-37289

EPSS 1.4%

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://jvn.jp/en/vu/JVNVU98291763/https://samy.link/blog/a-hidden-web-shell-in-the-plug-in-wireless-planex-mzk-dp150n http://www.planex.co.jp/products/mzk-dp150n/