Vulnerabilities

CVE-2017-18369

by Fred · 02/05/2019

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the adv_remotelog.asp page and can be exploited through the syslogServerAddr parameter.

Date published : 2019-05-02

https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt

https://seclists.org/fulldisclosure/2017/Jan/40

Similar

Tags: Cybersecurity Alert