EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the ‘path’ GET/POST parameter parsed by ‘usbinteract.cgi’ script.
EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the ‘path’ GET/POST parameter parsed by ‘usbinteract.cgi’ script.