Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem.
References
Link | Resource |
---|---|
https://xitan.me/posts/connect-box-ch7465lg-rce/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-02T14:54:46
Updated: 2019-10-02T14:54:46
Reserved: 2019-06-28T00:00:00
Link: CVE-2019-13025
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-02T15:15:10.357
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-13025
JSON object: View
Redhat Information
No data.