CVE-2025-71284
Synway SMG Gateway Management Software OS Command Injection via radius_address
Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can inject arbitrary shell commands by submitting a POST request with crafted radius_address, radius_address2, shared_secret2, source_ip, timeout, or retry parameters along with save=1 and enable_radius=1 to achieve remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-07-11 (UTC).
| Field | Value |
| --- | --- |
| CWE | CWE-78 |
| Vendor | Synway Information Engineering Co., Ltd. |
| Product | Synway SMG Gateway Management Software |
| Published | Apr 30, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
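
For triage, the description above maps to a simple check over logged requests: a POST to /en/9-2radius.php in which any of the named parameters carries characters outside what an address, secret or counter needs. The following is an added example, not vendor or advisory code. It assumes your proxy or WAF logs request bodies, and the function name, character allowlist and sample requests are constructed for illustration.

```python
import re
from urllib.parse import parse_qs

ENDPOINT = "/en/9-2radius.php"
# Parameters the description names as injectable.
PARAMS = ("radius_address", "radius_address2", "shared_secret2",
          "source_ip", "timeout", "retry")
# Assumption: legitimate values use only these characters; widen for your secrets.
SAFE_VALUE = re.compile(r"[A-Za-z0-9.:_-]*")


def triage(method, path, body):
    """Return a finding for a request to the RADIUS endpoint, or None if clean."""
    if method.upper() != "POST" or path.split("?", 1)[0] != ENDPOINT:
        return None
    # parse_qs percent-decodes, so encoded metacharacters are checked too.
    form = parse_qs(body, keep_blank_values=True)
    bad = sorted(p for p in PARAMS
                 if any(not SAFE_VALUE.fullmatch(v) for v in form.get(p, [])))
    if not bad:
        return None
    # save=1 with enable_radius=1 is the combination the description ties to execution.
    save_path = form.get("save") == ["1"] and form.get("enable_radius") == ["1"]
    return {"params": bad, "save_path": save_path}


# Constructed sample requests (method, path, urlencoded body); not captured traffic.
SAMPLES = [
    ("POST", ENDPOINT,
     "save=1&enable_radius=1&radius_address=192.0.2.10%3A1812&timeout=5&retry=3"),
    ("POST", ENDPOINT,
     "save=1&enable_radius=1&radius_address=192.0.2.10%3BPLACEHOLDER&timeout=5"),
    ("POST", ENDPOINT, "radius_address=192.0.2.10&retry=3%7CPLACEHOLDER"),
    ("GET", ENDPOINT, ""),
]

if __name__ == "__main__":
    for method, path, body in SAMPLES:
        print(method, path, triage(method, path, body))
```

A finding with `save_path` set to true matches the full parameter combination in the description; because the endpoint is reachable without authentication, any hit from an untrusted source address warrants review of the device.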