module
Netis router MW5360 unauthenticated RCE.
| Disclosed |
|---|
| Jan 11, 2024 |
Disclosed
Jan 11, 2024
Description
Netis router MW5360 has a command injection vulnerability via the password parameter on the login page.
The vulnerability stems from improper handling of the "password" parameter within the router's web interface.
The router's login page authorization can be bypassed by simply deleting the authorization header,
leading to the vulnerability. All router firmware versions up to `V1.0.1.3442` are vulnerable.
Attackers can inject a command in the 'password' parameter, encoded in base64, to exploit the command injection
vulnerability. When exploited, this can lead to unauthorized command execution, potentially allowing the attacker
to take control of the router.
The vulnerability stems from improper handling of the "password" parameter within the router's web interface.
The router's login page authorization can be bypassed by simply deleting the authorization header,
leading to the vulnerability. All router firmware versions up to `V1.0.1.3442` are vulnerable.
Attackers can inject a command in the 'password' parameter, encoded in base64, to exploit the command injection
vulnerability. When exploited, this can lead to unauthorized command execution, potentially allowing the attacker
to take control of the router.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.