A command injection vulnerability exists in Gryphon Tower, a wireless router from Gryphon, which stems from a failure to properly filter user input for special characters, commands, etc. in the parameters of operation 10 in the controller_server service on the router. An unauthenticated, remote attacker could use the vulnerability to send specially crafted malicious packets to execute commands on the device as root.