CVE-2025-71284

Name of the Vulnerable Software and Affected Versions Synway SMG Gateway Management Software (affected versions not specified)

Description An OS command injection flaw exists in the RADIUS configuration endpoint '/en/9-2radius.php'. The issue occurs because the radius address POST parameter is split and interpolated directly into a sed command without proper sanitization. An unauthenticated remote attacker can achieve remote code execution by submitting a POST request containing crafted radius address, radius address2, shared secret2, source ip, timeout, or retry parameters, provided that save=1 and enable radius=1 are also included. Evidence of exploitation was first observed by the Shadowserver Foundation on 2025-07-11 (UTC).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/en/9-2radius.php' endpoint to minimize the risk of exploitation.