Command Injection Vulnerability in Netis WF2780 Router
CVE-2024-25851

Currently unrated

Key Information:

Vendor: Netis Systems
Status: Wf2780 Firmware
Vendor: CVE Published:; 22 February 2024

🔔 Create Netis Systems Vulnerability Alert

What is CVE-2024-25851?

The Netis WF2780, a widely used router model, has been identified as having a command injection vulnerability that can be exploited through the 'config_sequence' parameter in the 'cgitest.cgi' module. This flaw enables attackers to execute arbitrary commands on the device without proper authorization, jeopardizing the security and integrity of the affected system. Users of Netis WF2780 should be aware of this vulnerability and take necessary precautions to mitigate potential risks.

References

https://www.netis-systems.com/

https://github.com/no1rr/Vulnerability/blob/master/netis/...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 22, 2024
Vulnerability Reserved
Feb 12, 2024