CNNVD-202512-5506 Information
CNNVD ID
CNNVD-202512-5506
Related CVE
- CNNVD Published: 2025-12-31
Description (Chinese)
Gargoyle Router Management Utility是Gargoyle公司的一个第三方路由器固件。 Gargoyle Router Management Utility 1.5.x版本存在安全漏洞,该漏洞源于对commands参数输入限制或验证不足,可能导致经过身份验证的攻击者执行任意操作系统命令。
Description (English)
Gargoyle Router Management Utility is a third-party router for Gargoyle. There is a security loophole in Gargoyle Router Management Utility 1.5.x, which stems from inadequate input restrictions or verification of the comands parameters, which may lead to arbitrary operating system orders being carried out by the identified assailant.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Gargoyle
Published
2025-12-31
Last Modified
2026-02-24
References
https://blog.xlab.qianxin.com/large-scale-botnet-airashi-en/ https://packetstorm.news/files/id/132149 https://www.gargoyle-router.com/ https://www.vulncheck.com/advisories/gargoyle-authenticated-os-command-execution-via-run-commands-sh
Share on: