Quartzdust

**Name of the Vulnerable Software and Affected Versions** Kasda LinkSmart Router KW6512 versions <= v1.3 **Description** The issue is related to Multiple OS Command Injection vulnerabilities. An authenticated remote attacker can execute arbitrary OS commands via various cgi parameters. **Recommendations** For Kasda LinkSmart Router KW6512 versions <= v1.3, update to a version later than v1.3 to resolve the issue. As a temporary workaround, consider restricting access to the cgi parameters that allow OS command execution until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Kasda LinkSmart Router KW5515 versions 1.7 and earlier **Description** The issue allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters. **Recommendations** For Kasda LinkSmart Router KW5515 versions 1.7 and earlier, consider restricting access to cgi parameters to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.