Arbitrary Command Execution in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point

Arbitrary Command Execution in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point

CVE-2014-8387 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.

Learn more about our User Device Pen Test.