CVEs-PoC/2019/CVE-2019-12489.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 06:55:56 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter.

POC

Reference

https://www.exploit-db.com/exploits/47654

Github

https://github.com/garis/Fastgate
https://github.com/lwtz/CVE-2019-0708
https://github.com/singletrackseeker/CVE-2019-7482

811 B Raw Blame History

CVE-2019-12489

Description

POC

Reference

Github

811 B

Raw Blame History