CVE-2020-7842

Summary

Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting (using ntpServerlp1 parameter) for the users. This affects D'live set-top box AP(WF2429TB) v1.1.10.

Affected Software

VendorProductVersion RangeStatus
Netis KoreaD’live set-top box AP(WF2429TB)1.1.10 <= 1.1.10affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References