An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-18T17:14:33
Updated: 2024-08-04T19:12:09.477Z
Reserved: 2019-01-01T00:00:00
Link: CVE-2019-3495
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-03-21T16:01:04.187
Modified: 2021-09-13T11:10:00.477
Link: CVE-2019-3495
Redhat
No data.