Vulnerability CVE-2023-26609
Published: 2023-02-27

Description:
ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.

See advisories in our WLB2 database:
Topic
Author
Date
High
ABUS Security Camera TVIP 20000-21150 LFI / Remote Code Execution
d1g
27.02.2023

Type:

CWE-98

 (Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion'))

 References:
https://nwsec.de/NWSSA-001-2023.txt
Copyright 2024, cxsecurity.com

 

Back to Top