CNNVD-202510-3059 Information

CNNVD ID

CNNVD-202510-3059

Related CVE

CVE-2016-15048

• CNNVD Published: 2025-10-22

Description (Chinese)

AMTT Hotel Broadband Operation System是中国安美世纪（AMTT）公司的一个酒店宽带运营系统。 AMTT Hotel Broadband Operation System存在安全漏洞，该漏洞源于/manager/radius/server_ping.php端点未经验证命令注入，可能导致执行任意系统命令。

Description (English)

AMTT Hotel Broadband Operation System is a hotel broadband operating system of Ammi Century (AMTT) in China. AMTT Hotel Broadband Operation System has a security loophole, which stems from the non-validation of the /manager/radius/server ping.php endpoint, which may result in the execution of arbitrary system orders.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

安美世纪

Published

2025-10-22

Last Modified

2026-02-24

References

https://wooyun.laolisafe.com/bug_detail.php?wybug_id=wooyun-2016-0181444 https://www.cnvd.org.cn/flaw/show/CNVD-2021-37784 https://www.amttgroup.com/ https://www.vulncheck.com/advisories/amtt-hibos-command-injection-rce-via-server-ping-php https://github.com/adysec/nuclei_poc/blob/49c283b2bbb244c071786a2b768fbdde1b91f38e/poc/remote_code_execution/hiboss-rce_2.yaml#L21 https://access.redhat.com/security/cve/cve-2016-15048