CVE-2018-20122
EUVD-2018-1269221.02.2019, 14:29
The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is required in order to trigger the vulnerability.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| fastweb | fastgate_firmware | 𝑥 ≤ 1.0.1b |
𝑥
= Vulnerable software versions