Three os command injection vulnerabilities exist in the...
High severity
Unreviewed
Published
Jul 8, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Jul 8, 2024
Published to the GitHub Advisory Database
Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the
localPin
request's parameter.References