CVE-2018-1144

Name of the Vulnerable Software and Affected Versions: Belkin N750 version 1.10.22

Description: The issue is related to insufficient input validation in the proxy.cgi component of the Belkin N750 router's firmware, allowing a remote unauthenticated user to execute commands as root by sending a crafted HTTP request to the proxy.cgi endpoint. This can enable an attacker to perform arbitrary commands with root privileges.

Recommendations: For Belkin N750 version 1.10.22, consider disabling access to the proxy.cgi endpoint until a patch is available to prevent exploitation. Restricting input to this endpoint can also help minimize the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.