Vulnerabilities

CVE-2020-29390

by Fred · 30/11/2020

Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character.

Date published : 2020-11-30

https://blog.quake.so/post/zeroshell_linux_router_rce/

Related

Tags: Cybersecurity Alert