CVE-2021-37289

2022-08-2214:34:20

mitre

www.cve.org

cve-2021-37289

planex mzk-dp150n

insecure permissions

root system command execution

syscmd.asp

EPSS

0.003

Percentile

65.6%

JSON

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp.

References

www.planex.co.jp/products/mzk-dp150n/

jvn.jp/en/vu/JVNVU98291763/

samy.link/blog/a-hidden-web-shell-in-the-plug-in-wireless-planex-mzk-dp150n

EPSS

0.003

Percentile

65.6%

JSON

Related for CVELIST:CVE-2021-37289