CNNVD-202602-1051 Information

CNNVD ID

CNNVD-202602-1051

Related CVE

CVE-2026-2000

• CNNVD Published: 2026-02-06

Description (Chinese)

DCN DCME-320是中国神州鲲泰（DCN）公司的一个互联网出口网关路由器。 DCN DCME-320 20260121及之前版本存在命令注入漏洞，该漏洞源于对组件Web Management Backend中文件/function/system/basic/bridge_cfg.php内函数apply_config的参数ip_list的错误操作，可能导致命令注入。

Description (English)

DCN DCME-320 is an Internet export gateway router for the company DCN of Shinzhou, China. The DCN DCME-320 20260121 and previous versions contain a command-injecting loophole, which stems from an error in the parameter ip list of the document/faction/system/basic/bridge cfg.php function in component Web Management Backend, which may lead to the command-injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

神州鲲泰

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/physicszq/Routers/tree/main/Dcme https://vuldb.com/?ctiid.344548 https://vuldb.com/?id.344548 https://vuldb.com/?submit.743455