synway CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

synway vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to synway, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-71284 Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can inject arbitrary shell commands by submitting a POST request with crafted radius_address, radius_address2, shared_secret2, source_ip, timeout, or retry parameters along with save=1 and enable_radius=1 [email protected] 9.3 5.73% 2026-04-30 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence