CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Asuswrt Merlin Project 14Rt Ac1900 Firmware Rt Ac2900 FirmwareRt Ac3100 Firmware+11 moreNov 21, 2024 Oct 15, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed o...Show more |
1Asuswrt Merlin Project 14Rt Ac1900 Firmware Rt Ac2900 FirmwareRt Ac3100 Firmware+11 moreNov 21, 2024 Oct 15, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=...Show more |