2026-01-06 15:52:22
VulnCheck
PUBLISHED
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the NTP_Server_IP parameter with default credentials to execute arbitrary shell commands as root.