Home / os / winnt

Cayin Content Management Server 11.0 Root Remote Command Injection

Posted on 05 June 2020

CAYIN CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP POST parameter in system.cgi page.

 

TOP

Malware :

Exploits :