Command Injection Vulnerability in Comtrend Router Affects GRG-4280us Version
CVE-2024-5785
What is CVE-2024-5785?
A command injection vulnerability has been identified in specific Comtrend router models, notably the WLD71-T1 and GRG-4280us. This flaw allows an authenticated user to execute arbitrary commands within the routerâs operating system. The exploitation is facilitated via a crafted POST request targeting the administrative interface at â/boaform/admin/formUserTracertâ. Such unauthorized execution of commands poses significant threats to network integrity and user security, warranting immediate attention and remediation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Comtrend WLD71-T1_v2.0.201820 GRG-4280us
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved
