CVE-2013-7179
Seowon Intech SWC-9100 - OS Command Injection via ping_ipaddr Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-7179. PoCs published by Josue Rojas.
AI-analyzed exploit summary This exploit leverages a command injection vulnerability in the WiMAX SWC-9100 Mobile Router's diagnostic.cgi endpoint. The PoC uses curl to send a crafted POST request with a malicious ping_ipaddr parameter to execute arbitrary commands (e.g., 'ls -lash /etc').
Description
The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech SWC-9100 routers allows remote attackers to execute arbitrary commands via shell metacharacters in the ping_ipaddr parameter.
Exploits (1)
This exploit leverages a command injection vulnerability in the WiMAX SWC-9100 Mobile Router's diagnostic.cgi endpoint. The PoC uses curl to send a crafted POST request with a malicious ping_ipaddr parameter to execute arbitrary commands (e.g., 'ls -lash /etc').