Huawei HG655m CVE-2017-17224 Command Injection

Authors:David Maciejak Risk:High CVE:CVE-2017-17224 0day:Command Injection 0DAY DB:0DAY-17134 Date:2018-04-02 Description Fortinet’s FortiGuard Labs has discovered an unauthenticated remote code execution vulnerability in some HG655 routers shipped by the company Huawei. Huawei manufactures a series of network routers directly competing with Linksys and Asus routers. A malicious user can forge an UPnP SOAP request that injects…