Description
An arbitrary OS command may be executed on the product by the user who can log in to the web management interface.
Problem types
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Product status
Any version before ER8411 1.3.3, ER7412-M2 1.1.0, ER707-M2 1.3.1, ER7206 2.2.2, ER605 2.3.1, ER706W 1.2.1, ER706W-4G 1.2.1, ER7212PC 2.1.3
Any version before FR365 1.1.10, FR205 1.0.3, FR307 1.2.5
Any version before G36 1.1.4, G611 1.2.2
References
support.omadanetworks.com/en/document/108455/
www.omadanetworks.com/...siness-networking/all-omada-router/
www.omadanetworks.com/...king/omada-pro-router-wired-router/
www.tp-link.com/us/business-networking/soho-festa-gateway/
