CVE-2023-41029 Information

Description

Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2 V1.0.3 V1.0.4 and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint.

Reference

https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-command-injection-vulnerability/