CVE-2015-10145

Name of the Vulnerable Software and Affected Versions Gargoyle router management utility versions 1.5.x

Description The application does not properly restrict or validate input provided through the commands parameter, leading to authenticated OS command execution. This occurs in the /utility/run commands.sh script. Successful exploitation could lead to a full compromise of the device, including unauthorized access to system files and execution of attacker-controlled commands.

Recommendations Update to a newer version that contains a fix for this vulnerability.