Gigastone · Gigastone Tr1 Travel Router R101 · CVE-2024-44678
**Name of the Vulnerable Software and Affected Versions**
Gigastone TR1 Travel Router R101 version 1.0.2
**Description**
The issue allows an authenticated attacker to execute arbitrary commands on the device by sending a crafted HTTP request to the `ssid` parameter in the request. This enables the attacker to gain control over the device.
**Recommendations**
For Gigastone TR1 Travel Router R101 version 1.0.2, as a temporary workaround, consider restricting access to the `ssid` parameter in HTTP requests until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.