CVE-2011-5010 : apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via sh

apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action.

Published 2011-12-25 01:55:05

Updated 2012-02-17 04:10:49

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2011-5010

Probability of exploitation activity in the next 30 days: 87.17%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2011-5010

CTEK SkyRouter 4200 and 4300 Command Execution

Disclosure Date: 2011-09-08

First seen: 2020-04-26

exploit/unix/http/ctek_skyrouter

This module exploits an unauthenticated remote root exploit within ctek SkyRouter 4200 and 4300. Authors: - savant42

More information

CVSS scores for CVE-2011-5010

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2011-5010

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-5010

http://www.securityfocus.com/bid/50867

Ctek SkyRouter 4200 and 4300 Series Routers Remote Arbitrary Command Execution Vulnerability
http://www.exploit-db.com/exploits/18172

CTEK SkyRouter 4200/4300 - Command Execution (Metasploit) - Hardware remote Exploit
Exploit
http://dev.metasploit.com/redmine/issues/5610

Products affected by CVE-2011-5010

Ctekproducts » Skyrouter » Version: 4300
cpe:2.3:h:ctekproducts:skyrouter:4300:*:*:*:*:*:*:*
Matching versions
Ctekproducts » Skyrouter » Version: 4200
cpe:2.3:h:ctekproducts:skyrouter:4200:*:*:*:*:*:*:*
Matching versions