Command Injection Vulnerability in FASTGate Fastweb Devices
CVE-2018-20122 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is required in order to trigger the vulnerability.
Learn more about our Web App Pen Testing.