module
Netis router MW5360 unauthenticated RCE.
| Disclosed |
|---|
| Jan 11, 2024 |
Disclosed
Jan 11, 2024
Description
Netis router MW5360 has a command injection vulnerability via the password parameter on the login page.
The vulnerability stems from improper handling of the "password" parameter within the router's web interface.
The router's login page authorization can be bypassed by simply deleting the authorization header,
leading to the vulnerability. All router firmware versions up to `V1.0.1.3442` are vulnerable.
Attackers can inject a command in the 'password' parameter, encoded in base64, to exploit the command injection
vulnerability. When exploited, this can lead to unauthorized command execution, potentially allowing the attacker
to take control of the router.
The vulnerability stems from improper handling of the "password" parameter within the router's web interface.
The router's login page authorization can be bypassed by simply deleting the authorization header,
leading to the vulnerability. All router firmware versions up to `V1.0.1.3442` are vulnerable.
Attackers can inject a command in the 'password' parameter, encoded in base64, to exploit the command injection
vulnerability. When exploited, this can lead to unauthorized command execution, potentially allowing the attacker
to take control of the router.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.