CVE-2015-10145 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails…
High CVSS: 8.7

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary shell commands on the underlying system. Successful exploitation may result in full compromise of the device, including unauthorized access to system files and execution of attacker-controlled commands.
Vendor
Gargoyle-router
Product
Gargoyle
CWE
CWE-78
Yayın Tarihi
2025-12-31 21:15:50
Güncelleme
2026-01-29 16:53:56
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-78 Gargoyle HIGH Gargoyle-router 2025

Referanslar

https://blog.xlab.qianxin.com/large-scale-botnet-airashi-en/ https://packetstorm.news/files/id/132149 https://www.gargoyle-router.com/ https://www.vulncheck.com/advisories/gargoyle-authenticated-os-command-execution-via-run-commands-sh https://blog.xlab.qianxin.com/large-scale-botnet-airashi-en/