First published: Thu Apr 29 2021(Updated: )
The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elink_proc_enable parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Chinamobile An Lianbao Wf-1 Firmware | =1.0.1 | |
Chinamobile An Lianbao Wf-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-30231 is critical.
Remote attackers can exploit CVE-2021-30231 by executing arbitrary commands through shell metacharacters in specific parameters.
Version 1.0.1 of China Mobile An Lianbao WF-1 router is affected by CVE-2021-30231.
No, the Chinamobile An Lianbao Wf-1 device is not vulnerable to CVE-2021-30231.
The CWE category for CVE-2021-30231 is CWE-78.