Search criteria
4 vulnerabilities by sapido
CVE-2025-7554 (GCVE-0-2025-7554)
Vulnerability from cvelistv5 – Published: 2025-07-14 00:02 – Updated: 2025-07-14 14:13
VLAI?
Summary
A vulnerability classified as problematic was found in Sapido RB-1802 1.0.32. This vulnerability affects unknown code of the file urlfilter.asp of the component URL Filtering Page. The manipulation of the argument URL address leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
Havook (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7554",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T14:13:45.196444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T14:13:49.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"URL Filtering Page"
],
"product": "RB-1802",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "1.0.32"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Havook (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Sapido RB-1802 1.0.32. This vulnerability affects unknown code of the file urlfilter.asp of the component URL Filtering Page. The manipulation of the argument URL address leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In Sapido RB-1802 1.0.32 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei urlfilter.asp der Komponente URL Filtering Page. Mit der Manipulation des Arguments URL address mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T00:02:06.094Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-316252 | Sapido RB-1802 URL Filtering Page urlfilter.asp cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.316252"
},
{
"name": "VDB-316252 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.316252"
},
{
"name": "Submit #614901 | Sapido Sapido RB-1802 Ver1.0.32 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.614901"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-12T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-07-12T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-07-12T20:52:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "Sapido RB-1802 URL Filtering Page urlfilter.asp cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-7554",
"datePublished": "2025-07-14T00:02:06.094Z",
"dateReserved": "2025-07-12T18:47:27.280Z",
"dateUpdated": "2025-07-14T14:13:49.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6560 (GCVE-0-2025-6560)
Vulnerability from cvelistv5 – Published: 2025-06-24 02:01 – Updated: 2025-06-24 16:48
VLAI?
Summary
Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.
The affected models are out of support; replacing the device is recommended.
Severity ?
9.8 (Critical)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T16:47:38.739831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T16:48:18.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BR071n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BR261c",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BR270n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BR476n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRC70n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRC70x",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRC76n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRD70n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRE70n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRE71n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRF61c",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRF71n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2025-06-24T01:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected models are out of support; replacing the device is recommended.\u003c/span\u003e"
}
],
"value": "Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.\u00a0\n\nThe affected models are out of support; replacing the device is recommended."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T02:01:22.300Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10197-524ea-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10198-55217-2.html"
}
],
"source": {
"advisory": "TVN-202506007",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Sapido Wireless Router - Exposure of Sensitive Information",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-6560",
"datePublished": "2025-06-24T02:01:22.300Z",
"dateReserved": "2025-06-24T01:24:45.808Z",
"dateUpdated": "2025-06-24T16:48:18.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6559 (GCVE-0-2025-6559)
Vulnerability from cvelistv5 – Published: 2025-06-24 01:47 – Updated: 2025-06-24 15:32
VLAI?
Summary
Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended.
Severity ?
9.8 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T15:27:36.396380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T15:32:51.258Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BR071n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BR261c",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BR270n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BR476n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRC70n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRC70x",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRC76n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRD70n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRE70n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRE71n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRF61c",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BRF71n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2025-06-24T01:37:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.\u0026nbsp;The affected models are out of support; replacing the device is recommended."
}
],
"value": "Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.\u00a0The affected models are out of support; replacing the device is recommended."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T01:47:25.776Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10196-898d3-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10195-69da1-2.html"
}
],
"source": {
"advisory": "TVN-202506006",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Sapido Wireless Router - OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-6559",
"datePublished": "2025-06-24T01:47:25.776Z",
"dateReserved": "2025-06-24T01:24:44.230Z",
"dateUpdated": "2025-06-24T15:32:51.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4242 (GCVE-0-2021-4242)
Vulnerability from cvelistv5 – Published: 2022-11-30 00:00 – Updated: 2025-04-15 13:11
VLAI?
Summary
A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592.
Severity ?
6.3 (Medium)
CWE
- CWE-707 - Improper Neutralization -> CWE-74 Injection -> CWE-78 OS Command Injection
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:09.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://blog.csdn.net/qq_44159028/article/details/114590267"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py"
},
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?id.214592"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4242",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:56:44.647966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T13:11:26.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BR270n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
},
{
"product": "BRC76n",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
},
{
"product": "GR297",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
},
{
"product": "RB1732",
"vendor": "Sapido",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-707",
"description": "CWE-707 Improper Neutralization -\u003e CWE-74 Injection -\u003e CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-30T00:00:00.000Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"url": "https://blog.csdn.net/qq_44159028/article/details/114590267"
},
{
"url": "https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py"
},
{
"url": "https://vuldb.com/?id.214592"
}
],
"title": "Sapido BR270n/BRC76n/GR297/RB1732 syscmd.htm os command injection",
"x_generator": "vuldb.com"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2021-4242",
"datePublished": "2022-11-30T00:00:00.000Z",
"dateReserved": "2022-11-30T00:00:00.000Z",
"dateUpdated": "2025-04-15T13:11:26.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}