CVE-2024-53942

MEDIUM Year: 2024
CVSS v3 Score
4.8
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

An issue was discovered on NRadio N8-180 NROS-1.9.2.n3.c5 devices. The /cgi-bin/luci/nradio/basic/radio endpoint is vulnerable to command injection via the 2.4 GHz and 5 GHz name parameters, allowing a remote attacker to execute arbitrary OS commands on the device (with root-level permissions) via crafted input.

Related Vulnerabilities

CVE-2016-1141

MEDIUM
CVSS:4.7(Medium)

KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.

CWE-782016

CVE-2023-6795

MEDIUM
CVSS:4.7(Medium)

An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privi...

CWE-782023

CVE-2024-21906

MEDIUM
CVSS:4.7(Medium)

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands v...

CWE-782024

CVE-2024-4255

MEDIUM
CVSS:4.7(Medium)

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. ...

CWE-782024

CVE-2024-4501

MEDIUM
CVSS:4.7(Medium)

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. This issue affects some unknown processing of the file /view/bugSolve/captureData/commit.php. The manipulation...

CWE-782024

CVE-2024-4502

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240428. Affected is an unknown function of the file /view/dhcp/dhcpClient/dhcp_client_commit.php. The manipulation of the...

CWE-782024