Insufficient Filtering in Realtek GPON Router Allows Command Injection Attacks
CVE-2022-40740 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.
Learn more about our Web Application Penetration Testing UK.