CVE-2025-71284
CriticalSummary
The Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint, allowing for remote code execution.
Risk Assessment
An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary shell commands, posing a significant security risk to the system.
Recommendation
It is recommended to update the software to the latest version and implement appropriate security measures to mitigate the risk of command injection.
Original NVD description (English source)
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can inject arbitrary shell commands by submitting a POST request with crafted radius_address, radius_address2, shared_secret2, source_ip, timeout, or retry parameters along with save=1 and enable_radius=1 to achieve remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-07-11 (UTC).

