CVE-2024-29292 Information

Description

Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version KW6512_Linux_V1.0 enable an authenticated remote attacker to execute arbitrary OS commands via Quick Setup and Internet page parameters passed to internet.cgi.

Reference

https://www.kasdanet.com/ENHCSZ/pro_view-120.html https://gist.github.com/QuartzDust/debfd7ddf934a9f5609d7f1a8cd71154