LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T10:32:53.917Z

Reserved: 2018-09-09T00:00:00

Link: CVE-2018-16752

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-20T20:29:00.817

Modified: 2024-11-21T03:53:17.503

Link: CVE-2018-16752

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.