Jinhao118

**Name of the Vulnerable Software and Affected Versions** Ziroom ZHOME A0101 version 1.0.1.0 **Description** A security flaw exists in Ziroom ZHOME A0101. The issue is due to command injection resulting from the manipulation of the `macType` argument within the `macAddrClone` function located in the `lucicontrollerapizrMacClone.lua` file. This allows for remote attacks. The exploit has been publicly released. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.