Remote Command Execution Vulnerability in Wavlink Jetstream Devices
CVE-2020-10971
8.8HIGH
What is CVE-2020-10971?
A vulnerability exists in Wavlink Jetstream devices that allows an attacker to execute arbitrary commands via a crafted POST request sent to adm.cgi. If an active session is present, the device does not properly validate the source of the request, enabling an attacker to exploit this weakness. The flaw affects several Wavlink device models, including various Jetstream configurations, and poses a risk of unauthorized command execution that could compromise device integrity.