flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/822980 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2016-04-25 11:59
Updated : 2016-05-04 12:18
NVD link : CVE-2016-2332
Mitre link : CVE-2016-2332
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
systech
- syslink_sl-1000_modular_gateway
- syslink_sl-1000_modular_gateway_firmware