### [CVE-2021-20122](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20122)
![](https://img.shields.io/static/v1?label=Product&message=Telus%20Wi-Fi%20Hub%20(PRV65B444A-S-TS)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=3.00.20%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Command%20Injection&color=brightgreen)

### Description

The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is affected by an authenticated command injection vulnerability in multiple parameters passed to tr69_cmd.cgi. A remote attacker connected to the router's LAN and authenticated with a super user account, or using a bypass authentication vulnerability like CVE-2021-20090 could leverage this issue to run commands or gain a shell as root on the target device.

### POC

#### Reference
- https://www.tenable.com/security/research/tra-2021-41

#### Github
No PoCs found on GitHub currently.