Xyh4Ck

Name of the Vulnerable Software and Affected Versions: DI-7400G+ router (affected versions not specified) Description: The DI-7400G+ router contains a command injection flaw that enables attackers to execute arbitrary commands on the device. This issue affects the `sub 478D28` function within `mng platform.asp` and the `sub 4A12DC` function within `wayos ac server.asp` of the `jhttpd` program, specifically through the `ac mng srv host` parameter. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.