Command Injection Vulnerability in EnGenius EWS660AP Router Firmware 2.0.284
CVE-2019-11353 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version.
Learn more about our Web Application Penetration Testing UK.