Full title: TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection Exploit 
Category: web applications
Platform: hardware
TELSAT marKoni FM Transmitter version 1.9.5 is susceptible to unauthenticated remote code execution with root privileges. An attacker can exploit a command injection vulnerability by manipulating the Email settings' WAN IP info service, which utilizes the wget module. This allows the attacker to gain unauthorized access to the system with administrative privileges by exploiting the url parameter in the HTTP GET request to ekafcgi.fcgi.

# 0day.today @ http://0day.today/