CVE-2021-43469

HIGH

VINGA WR-N300U 77.102.1.4853 - OS Command Injection in goahead Component

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-43469. PoCs published by badboycxcc.

AI-analyzed exploit summary This repository contains a writeup for CVE-2021-43469, detailing command execution vulnerabilities in the VINGA WR-N300U router's Ping and traceroute interfaces post-authentication. It includes screenshots and IDA analysis but lacks actual exploit code.

Description

VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead component.

Exploits (1)

nomisec WRITEUP 1 stars

by badboycxcc · poc

https://github.com/badboycxcc/CVE-2021-43469

View Code ZIP pw:eip

This repository contains a writeup for CVE-2021-43469, detailing command execution vulnerabilities in the VINGA WR-N300U router's Ping and traceroute interfaces post-authentication. It includes screenshots and IDA analysis but lacks actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: VINGA WR-N300U router with GoAhead webserver

Auth required

Prerequisites: Network access to the router · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/badboycxcc/CVE

Scores

CVSS v3 8.8

EPSS 0.0231

EPSS Percentile 81.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-77

Status published

Products (1)

vinga/wr-n300u_firmware 77.102.1.4853

Published Dec 06, 2021

Tracked Since Feb 18, 2026