EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution
Posted by deepcore on June 6, 2017 – 2:49 pm
EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the ‘path’ GET/POST parameter parsed by ‘usbinteract.cgi’ script.
Post a reply
You must be logged in to post a comment.