CVE-2015-10145
HIGH EXPLOITEDGargoyle router management utility <1.5.x - Command Injection
Title source: llmExploitation Summary
CVE-2015-10145 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary shell commands on the underlying system. Successful exploitation may result in full compromise of the device, including unauthorized access to system files and execution of attacker-controlled commands.
References (4)
Core 4
Core References
Exploit exploit
https://packetstorm.news/files/id/132149
Product product
https://www.gargoyle-router.com/
Exploit, Third Party Advisory technical-description
https://blog.xlab.qianxin.com/large-scale-botnet-airashi-en/
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/gargoyle-authenticated-os-command-execution-via-run-commands-sh
Scores
CVSS v3
8.8
EPSS
0.0063
EPSS Percentile
45.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
VulnCheck KEV
2025-12-31
CWE
CWE-78
Status
published
Products (2)
Gargoyle/Gargoyle Router Management Utility
1.5.0
gargoyle-router/gargoyle
1.5.0 - 1.5.11
Published
Dec 31, 2025
Tracked Since
Feb 18, 2026