Security Advisory

CVE-2019-10656

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-30 16:42:23

Last updated 2024-08-04 22:32:00

Assigner mitre

State PUBLISHED

Description

Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply update_nds_webroot_from_tmp API call.

← Browse all CVEs View on cve.org ↗