High severity8.8NVD Advisory· Published Aug 24, 2018· Updated Jun 17, 2026
CVE-2017-12573
CVE-2017-12573
Description
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is required before executing the attack.
Affected products
1Patches
Vulnerability mechanics
References
1- seclists.org/fulldisclosure/2018/Aug/29nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.