Search criteria
3 vulnerabilities found for EnShare IoT Gigabit Cloud Service by EnGenius
CVE-2025-34035 (GCVE-0-2025-34035)
Vulnerability from cvelistv5 – Published: 2025-06-24 01:00 – Updated: 2025-11-20 21:15 X_Known Exploited Vulnerability
VLAI?
Title
EnGenius EnShare IoT Gigabit Cloud Service Command Injection
Summary
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EnGenius | EnShare IoT Gigabit Cloud Service |
Affected:
0 , ≤ 1.4.11
(semver)
|
Credits
Gjoko Krstic
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34035",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T13:30:44.337841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T13:30:48.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Management Interface (usbinteract.cgi)"
],
"product": "EnShare IoT Gigabit Cloud Service",
"vendor": "EnGenius",
"versions": [
{
"lessThanOrEqual": "1.4.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gjoko Krstic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
}
],
"value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T21:15:28.292Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://www.exploit-db.com/exploits/42114"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://packetstormsecurity.com/files/142792"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://cxsecurity.com/issue/WLB-2017060050"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "EnGenius EnShare IoT Gigabit Cloud Service Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34035",
"datePublished": "2025-06-24T01:00:23.862Z",
"dateReserved": "2025-04-15T19:15:22.546Z",
"dateUpdated": "2025-11-20T21:15:28.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34035 (GCVE-0-2025-34035)
Vulnerability from nvd – Published: 2025-06-24 01:00 – Updated: 2025-11-20 21:15 X_Known Exploited Vulnerability
VLAI?
Title
EnGenius EnShare IoT Gigabit Cloud Service Command Injection
Summary
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EnGenius | EnShare IoT Gigabit Cloud Service |
Affected:
0 , ≤ 1.4.11
(semver)
|
Credits
Gjoko Krstic
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34035",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T13:30:44.337841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T13:30:48.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Management Interface (usbinteract.cgi)"
],
"product": "EnShare IoT Gigabit Cloud Service",
"vendor": "EnGenius",
"versions": [
{
"lessThanOrEqual": "1.4.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gjoko Krstic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
}
],
"value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T21:15:28.292Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://www.exploit-db.com/exploits/42114"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://packetstormsecurity.com/files/142792"
},
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://cxsecurity.com/issue/WLB-2017060050"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "EnGenius EnShare IoT Gigabit Cloud Service Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34035",
"datePublished": "2025-06-24T01:00:23.862Z",
"dateReserved": "2025-04-15T19:15:22.546Z",
"dateUpdated": "2025-11-20T21:15:28.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-201707-1348
Vulnerability from variot - Updated: 2022-10-19 22:37EnGenius Enshare is a USB media storage sharing application.
EnGenius EnShare IoT Gigabit Cloud Service has a remote code execution vulnerability. Allows an attacker to exploit a vulnerability to execute arbitrary code. With the EnGenius IoT Gigabit Routers and free EnShare app, use your iPhone, iPad or Android-based tablet or smartphone to transfer video, music and other files to and from a router-attached USB hard drive. The EnShare feature allows you to access media content stored on a USB hard drive connected to the router's USB port in the home and when you are away from home when you have access to the Internet. By default the EnShare feature is enabled.EnGenius EnShare suffers from an unauthenticated command injection vulnerability. An attacker can inject and execute arbitrary code as the root user via the 'path' GET/POST parameter parsed by 'usbinteract.cgi' script.Tested on: Linux 2.6.36 (mips)Embedded HTTP Server ,Firmware Version 5.11lighttpd/1.4.31
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enshare iot gigabit cloud service",
"scope": "eq",
"trust": 0.6,
"vendor": "engenius",
"version": "1.4.11"
},
{
"model": "enshare iot gigabit cloud service",
"scope": "eq",
"trust": 0.3,
"vendor": "engenius",
"version": "1.1.0)"
},
{
"model": "enshare iot gigabit cloud service",
"scope": "eq",
"trust": 0.1,
"vendor": "engenius",
"version": "1.1.0.28)"
},
{
"model": "enshare iot gigabit cloud service",
"scope": "eq",
"trust": 0.1,
"vendor": "engenius",
"version": "1.1.0.29)"
},
{
"model": "enshare iot gigabit cloud service",
"scope": "eq",
"trust": 0.1,
"vendor": "engenius",
"version": "1.1.0.50)"
},
{
"model": "enshare iot gigabit cloud service",
"scope": "eq",
"trust": 0.1,
"vendor": "engenius",
"version": "1.2.0)"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovered by Gjoko Krstic",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
}
],
"trust": 0.1
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-13571",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2017-13571",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "ZSL",
"id": "ZSL-2017-5413",
"trust": 0.1,
"value": "(5/5)"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EnGenius Enshare is a USB media storage sharing application. \r\n\r\n\r\nEnGenius EnShare IoT Gigabit Cloud Service has a remote code execution vulnerability. Allows an attacker to exploit a vulnerability to execute arbitrary code. With the EnGenius IoT Gigabit Routers and free EnShare app, use your iPhone, iPad or Android-based tablet or smartphone to transfer video, music and other files to and from a router-attached USB hard drive. The EnShare feature allows you to access media content stored on a USB hard drive connected to the router\u0027s USB port in the home and when you are away from home when you have access to the Internet. By default the EnShare feature is enabled.EnGenius EnShare suffers from an unauthenticated command injection vulnerability. An attacker can inject and execute arbitrary code as the root user via the \u0027path\u0027 GET/POST parameter parsed by \u0027usbinteract.cgi\u0027 script.Tested on: Linux 2.6.36 (mips)Embedded HTTP Server ,Firmware Version 5.11lighttpd/1.4.31",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-13571"
},
{
"db": "ZSL",
"id": "ZSL-2017-5413"
}
],
"trust": 0.63
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/enshare_rce.txt",
"trust": 0.1,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "EXPLOIT-DB",
"id": "42114",
"trust": 0.7
},
{
"db": "EXPLOITDB",
"id": "42114",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2017-13571",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "142792",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2017060050",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2017-5413",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"id": "VAR-201707-1348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
],
"trust": 1.2666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"last_update_date": "2022-10-19T22:37:44.942000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "https://www.exploit-db.com/exploits/42114/"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/142792"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2017060050"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127026"
},
{
"trust": 0.1,
"url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=esr900"
},
{
"trust": 0.1,
"url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=esr600"
},
{
"trust": 0.1,
"url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=epg5000"
},
{
"trust": 0.1,
"url": "http://www.vfocus.net/art/20170606/13644.html"
},
{
"trust": 0.1,
"url": "https://badpackets.net/engenius-routers-found-in-mirai-like-botnet/"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-04T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"date": "2017-07-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-11T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5413"
},
{
"date": "2017-07-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-13571"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EnGenius EnShare IoT Gigabit Cloud Service Remote Code Execution Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-13571"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Local/Remote,System Access",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5413"
}
],
"trust": 0.1
}
}