nuclei-templates

Commit Graph

Author	SHA1	Message	Date
sandeep	4f88a66890	misc update	2021-11-15 23:05:21 +05:30
Prince Chaddha	7566a563cd	Update CVE-2019-19824.yaml	2021-11-15 17:11:47 +05:30
GwanYeong Kim	451366d33e	Create CVE-2019-19824.yaml On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>	2021-11-14 13:17:27 +09:00

Author

SHA1

Message

Date

sandeep

4f88a66890

misc update

2021-11-15 23:05:21 +05:30

Prince Chaddha

7566a563cd

Update CVE-2019-19824.yaml

2021-11-15 17:11:47 +05:30

GwanYeong Kim

451366d33e

Create CVE-2019-19824.yaml

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

2021-11-14 13:17:27 +09:00

3 Commits (45521a075f3f0d1472c078d19e891839e91e0647)