Remote Command Execution Vulnerability in Teltonika RUT9XX Routers

CVE-2017-8116 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell metacharacters in the username parameter in a login request.

Learn more about our User Device Pen Test.