Vulnerabilities > CVE-2023-24796 - Unspecified vulnerability in Vinga Wr-Ac1200 Firmware 81.102.1.4370

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

vinga

critical

NVD

Published: 2023-04-26

Updated: 2023-05-04

Summary

Password vulnerability found in Vinga WR-AC1200 81.102.1.4370 and before allows a remote attacker to execute arbitrary code via the password parameter at the /goform/sysTools and /adm/systools.asp endpoints.

Vulnerable Configurations

Part	Description	Count
OS	Vinga Vinga WR Ac1200 Firmware - Vinga WR Ac1200 Firmware 81.102.1.4370	2
Hardware	Vinga Vinga WR Ac1200 -	1

References

https://gist.github.com/yinfei6/3664387cb5b66b68c7eff4bfdb51b2d6