System Command Injection in User.create Method in Buffalo TS5600D1206 Version 3.61-0.10

System Command Injection in User.create Method in Buffalo TS5600D1206 Version 3.61-0.10

CVE-2018-13318 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.

Learn more about our User Device Pen Test.