CVE-2020-24365

An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on the target machine. Commands are executed as the root user (uid 0). (Even if a login is required, most routers are left with default credentials.)
References
Configurations

Configuration 1


Information

Published : 2020-09-24 03:15

Updated : 2022-04-28 06:21


NVD link : CVE-2020-24365

Mitre link : CVE-2020-24365

Products Affected
No products.
CWE
CWE-1188

Insecure Default Initialization of Resource

CWE-78