Security Advisory

CVE-2024-53940

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-02 00:00:00

Last updated 2024-12-03 18:48:22

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. Certain /cgi-bin/luci/admin endpoints are vulnerable to command injection. Attackers can exploit this by sending crafted payloads through parameters intended for the ping utility, enabling arbitrary command execution with root-level permissions on the device.

← Browse all CVEs View on cve.org ↗