cvedb.io
CVE-2017-12576
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2018-08-24T19:29:00.907 · Last modified 2026-06-17T01:03:32.007

Summary

An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly (/admin/system_command.asp), you can execute any command.

Affected products

planex — cs-qr20_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when planex ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.