Arbitrary Command Execution Vulnerability in SysLINK SL-1000 M2M Modular Gateway Devices

Arbitrary Command Execution Vulnerability in SysLINK SL-1000 M2M Modular Gateway Devices

CVE-2016-2332 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter.

Learn more about our Web App Pen Testing.