PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.
References
Link | Resource |
---|---|
https://github.com/ZIllR0/Routers/blob/master/PHICOMM | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2017-07-20 15:29
Updated : 2017-08-15 11:39
NVD link : CVE-2017-11495
Mitre link : CVE-2017-11495
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
phicomm
- k2\(psg1218\)
- k2\(psg1218\)-firmware