Arbitrary Command Execution in Ctek SkyRouter 4200 and 4300 via cfg_ethping.cgi
CVE-2011-5010 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action.
Learn more about our Web Application Penetration Testing UK.