netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page.
An attacker sends a crafted payload to the 'tracert' (traceroute) diagnostic page available in the device's interface. User input passed through the interface is not properly validated or sanitized (CWE-20), allowing injection of additional system commands (CWE-78). As a result, malicious commands are executed with the privileges of the process handling the request at the router's operating system level.
An attacker can remotely take full control of the device by executing arbitrary OS commands — including modifying configuration, gaining access to transmitted network data, or using the device as an entry point for further attacks on the internal network.
Apply patches available from the manufacturer according to the references provided. As a temporary measure, it is recommended to restrict access to the device's administrative interface exclusively to trusted hosts and to isolate the device from the public Internet.
Netis-Systems MEX605 with firmware version v2.00.06
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNetis Systems Mex605
HWNetis-Systemswszystkie wersjeNetis Systems Mex605 Firmware
OSNetis-Systems2.00.06
Related vulnerabilities
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitr...
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the p...
Command injection w Netis WF2780 przez parametr wps_ap_ssid5g
Command injection w NETIS SYSTEMS MW5360 przez parametr hasła na stronie logowania
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter ...