Shell Metacharacter Injection in Netis WF2780 and WF2411 Devices: Remote Code Execution Vulnerability

CVE-2021-26747 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.

Learn more about our Web Application Penetration Testing UK.