APsystems ECU-R Firmware - Command Injection

Short Info

Level

Critical

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

25 days 4 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter.

References:

https://github.com/0xst4n/APSystems-ECU-R-RCE-Timezone

Get started to protecting your digital assets

Start trial See the plans

APsystems ECU-R Firmware - Command Injection

Short Info

-

Detail

Category