CVE-2020-7842

MEDIUM

Netis Korea D'live AP 1.1.10 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-7842. PoCs published by GangTaegyeong.

AI-analyzed exploit summary The repository contains only a README.md file with a CVE identifier and no additional technical details or exploit code. It appears to be a placeholder or stub with minimal content.

Description

Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting (using ntpServerlp1 parameter) for the users. This affects D'live set-top box AP(WF2429TB) v1.1.10.

Exploits (1)

nomisec STUB
by GangTaegyeong · poc
https://github.com/GangTaegyeong/CVE-2020-7842

The repository contains only a README.md file with a CVE identifier and no additional technical details or exploit code. It appears to be a placeholder or stub with minimal content.

Classification
Stub 100%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unknown
No auth needed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 6.4
EPSS 0.0149
EPSS Percentile 70.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
netu/wf2429tb_firmware 1.1.10
Published Nov 20, 2020
Tracked Since Feb 18, 2026