PT-2026-8322 · Unknown · Wayos Fbm-220G

Jfkk

Publicado

2026-02-16

Atualizado

2026-02-18

CVE-2026-2548

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions WAYOS FBM-220G version 24.10.19

Description A flaw exists in WAYOS FBM-220G version 24.10.19 related to command injection. Manipulation of the arguments upnp waniface, upnp ssdp interval, and upnp max age within the sub 40F820 function of the rc file can allow for remote execution of commands. The vendor was contacted regarding this issue but did not provide a response.

Recommendations As a temporary workaround, consider restricting or disabling the use of the upnp waniface, upnp ssdp interval, and upnp max age arguments. Disable the sub 40F820 function if possible. Avoid using the rc file if it is not essential for the operation of the system.

Exploit

Correção

Special Elements Injection

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74CWE-77

Identificadores relacionados

CVE-2026-2548

Produtos afetados

Wayos Fbm-220G

PT-2026-8322 · Unknown · Wayos Fbm-220G

CVE-2026-2548

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8