MidnightBSD

Advisories for linknet-usa

CVE-2018-16752 HIGH

LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-1188,

Products Affected

Vendor Product Version
linknet-usa lw-n605r_firmware 12.20.2.1486