CVE-2020-21937

An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
References
Link Resource
https://l0n0l.xyz/post/motocx2/ Exploit Third Party Advisory
https://github.com/cc-crack/router/blob/master/motocx2.md Exploit Third Party Advisory
https://cwe.mitre.org/data/definitions/78.html Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:motorola:cx2_firmware:1.0.2:build_20190508:*:*:*:*:*:*
cpe:2.3:h:motorola:cx2:-:*:*:*:*:*:*:*

Information

Published : 2021-07-21 08:15

Updated : 2022-10-26 11:56


NVD link : CVE-2020-21937

Mitre link : CVE-2020-21937


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

motorola

  • cx2_firmware
  • cx2