CVE-2021-35402
PROLiNK · PRC2402M Router
The PROLiNK PRC2402M router is vulnerable to OS command injection via shell metacharacters in the ip parameter of the live_api.cgi endpoint, enabling unauthenticated remote code execution on the device.
Executive summary
An OS command injection vulnerability in PROLiNK PRC2402M routers allows unauthenticated attackers to execute arbitrary system commands with root privileges via the web interface.
Vulnerability
This is an OS command injection flaw in the live_api.cgi component. The ip parameter of a satellite_status request reaches a shell without sanitization, so an unauthenticated attacker who can reach the web interface can embed shell metacharacters (for example ; or |) in that value and have the device execute arbitrary system-level commands alongside whatever the CGI intended to run.
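The following is an added illustration and not code from the PROLiNK firmware (the real live_api.cgi binary is not shown on this page). It puts the shell-metacharacter injection pattern the advisory describes next to a hardened handler that allowlists the ip value and runs the helper without a shell. The command being built (ping), the request shape and the sample input 127.0.0.1;id are assumptions made for the demonstration.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* VULNERABLE pattern (illustrative, not the vendor's code): the
 * attacker-controlled ip value is spliced into a command string that the
 * handler then hands to system(). With ip = "127.0.0.1;id" the shell runs
 * ping and then id. The string is returned so it can be inspected without
 * being executed. */
const char *build_ping_cmd_vulnerable(const char *ip)
{
    static char cmd[256];
    snprintf(cmd, sizeof cmd, "ping -c 1 %s", ip);   /* the bug: system(cmd) */
    return cmd;
}

/* Allowlist check: accept only a syntactically valid IPv4 or IPv6 literal.
 * No shell metacharacter (; | & ` $ ( ) newline) can survive inet_pton. */
int is_ip_literal(const char *s)
{
    unsigned char buf[sizeof(struct in6_addr)];
    return inet_pton(AF_INET, s, buf) == 1 || inet_pton(AF_INET6, s, buf) == 1;
}

/* HARDENED handler: validate first, then run ping through execvp with an
 * argv array so no shell ever parses the value. Returns -1 if the value is
 * rejected, -2 on a process error, otherwise ping's exit status (127 when
 * no ping binary is installed on the host). */
int ping_safe(const char *ip)
{
    if (!is_ip_literal(ip))
        return -1;

    pid_t pid = fork();
    if (pid < 0)
        return -2;
    if (pid == 0) {
        /* ip is one argv element: "127.0.0.1;id" would reach ping as a
         * single literal argument, never as a second command. */
        char *const argv[] = { "ping", "-c", "1", (char *)ip, NULL };
        execvp(argv[0], argv);
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -2;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -2;
}

int main(void)
{
    const char *hostile = "127.0.0.1;id";   /* constructed sample input */
    printf("vulnerable handler would run: %s\n", build_ping_cmd_vulnerable(hostile));
    printf("hardened handler returns %d (rejected)\n", ping_safe(hostile));
    return 0;
}
```

Two properties matter in any CGI handler of this kind: the value is checked against an allowlist before use, and it never reaches sh -c at all. Validation on its own is not enough if the value is still spliced into a system() string, and execvp on its own is not enough if the helper program itself interprets its arguments.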
Business impact
Successful exploitation gives the attacker full control of the device, which can then be used to intercept or alter traffic passing through the router, hijack DNS for every client behind it, and plant persistent backdoors inside the home or corporate network. The CVSS score of 10.0 is the maximum possible: it reflects a flaw that is reachable over the network, requires no authentication, and results in complete loss of confidentiality, integrity and availability of the device.
Remediation
Immediate Action: Apply the latest firmware update provided by PROLiNK to patch the command injection vulnerability in the live_api.cgi endpoint.
Proactive Monitoring: Monitor network traffic for unexpected outbound connections originating from the router, and review web management logs for requests to live_api.cgi whose ip value contains anything other than a plain IP address (shell metacharacters, whether raw or URL-encoded, are the signature of this attack).
Compensating Controls: Disable remote management of the router from the WAN side and use firewall rules to restrict access to the internal web interface to trusted administrative hosts only.
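As an added example for the monitoring step above (this is not a vendor tool, and the access-log format and GET query layout are assumptions, since the page does not show the device's own logs), the following scans constructed web-server log lines and flags live_api.cgi requests whose ip value is not a plain IPv4/IPv6 literal after URL decoding. The same allowlist test used to harden the handler serves as the detection rule, which keeps false positives low.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample access-log lines (format assumed, not taken from a real
 * device). Lines 2 and 3 carry URL-encoded ';' (%3B) and '|' (%7C) in ip. */
const char *SAMPLE_LOG[] = {
    "10.0.0.5 - - [01/Jul/2021:09:15:02 +0000] \"GET /cgi-bin/live_api.cgi?page=satellite_status&ip=8.8.8.8 HTTP/1.1\" 200 312",
    "10.0.0.5 - - [01/Jul/2021:09:15:40 +0000] \"GET /cgi-bin/live_api.cgi?page=satellite_status&ip=8.8.8.8%3Bid HTTP/1.1\" 200 640",
    "10.0.0.9 - - [01/Jul/2021:09:16:11 +0000] \"GET /cgi-bin/live_api.cgi?page=satellite_status&ip=8.8.8.8%7Cid HTTP/1.1\" 200 640",
    "10.0.0.5 - - [01/Jul/2021:09:17:00 +0000] \"GET /index.html HTTP/1.1\" 200 5120",
    "10.0.0.7 - - [01/Jul/2021:09:18:30 +0000] \"GET /cgi-bin/live_api.cgi?page=satellite_status&ip=2001:db8::1 HTTP/1.1\" 200 300",
};
const size_t SAMPLE_LOG_LEN = sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0];

/* Allowlist check: only a syntactically valid IPv4/IPv6 literal passes. */
static int is_ip_literal(const char *s)
{
    unsigned char buf[sizeof(struct in6_addr)];
    return inet_pton(AF_INET, s, buf) == 1 || inet_pton(AF_INET6, s, buf) == 1;
}

/* Percent-decode a query value: attackers send %3B for ';', so the raw line
 * must be decoded before the value is checked. '+' decodes to a space. */
static void url_decode(const char *in, size_t n, char *out, size_t outlen)
{
    size_t o = 0;
    for (size_t i = 0; i < n && o + 1 < outlen; i++) {
        if (in[i] == '%' && i + 2 < n &&
            isxdigit((unsigned char)in[i + 1]) && isxdigit((unsigned char)in[i + 2])) {
            char hex[3] = { in[i + 1], in[i + 2], '\0' };
            out[o++] = (char)strtol(hex, NULL, 16);
            i += 2;
        } else {
            out[o++] = (in[i] == '+') ? ' ' : in[i];
        }
    }
    out[o] = '\0';
}

/* Copy the decoded value of query parameter `name` from a request target
 * such as "/cgi-bin/live_api.cgi?page=satellite_status&ip=1.2.3.4". */
static int query_param(const char *path, const char *name, char *out, size_t outlen)
{
    const char *p = strchr(path, '?');
    size_t nlen = strlen(name);
    if (!p) return -1;
    p++;
    while (*p) {
        const char *end = strchr(p, '&');
        if (!end) end = p + strlen(p);
        if ((size_t)(end - p) > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            url_decode(p + nlen + 1, (size_t)(end - p) - nlen - 1, out, outlen);
            return 0;
        }
        if (!*end) break;
        p = end + 1;
    }
    return -1;
}

/* Returns 1 when the line is a live_api.cgi request whose ip value is not a
 * valid IP literal (worth investigating), 0 otherwise. Requests with no ip
 * parameter are not this attack pattern and are left alone. */
int is_suspicious_live_api_request(const char *line)
{
    const char *q = strchr(line, '"');                /* "METHOD target HTTP/x" */
    const char *target = q ? strchr(q + 1, ' ') : NULL;
    const char *tend = target ? strchr(++target, ' ') : NULL;
    if (!tend) return 0;

    char path[512], ip[256];
    size_t tlen = (size_t)(tend - target);
    if (tlen >= sizeof path) return 1;                /* oversized target: flag */
    memcpy(path, target, tlen);
    path[tlen] = '\0';
    if (!strstr(path, "live_api.cgi")) return 0;
    if (query_param(path, "ip", ip, sizeof ip) != 0) return 0;
    return is_ip_literal(ip) ? 0 : 1;
}

/* Scan a batch of lines, print each hit and return the number of hits. */
int count_suspicious(const char *lines[], size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++)
        if (is_suspicious_live_api_request(lines[i])) {
            printf("FLAG: %s\n", lines[i]);
            hits++;
        }
    return hits;
}

int main(void)
{
    printf("%d suspicious request(s)\n", count_suspicious(SAMPLE_LOG, SAMPLE_LOG_LEN));
}
```

Matching on "not a valid IP" rather than on a list of metacharacters also catches encodings and characters a denylist would miss; if the device accepts hostnames in this field as well, the allowlist would need to be widened accordingly, but any value containing ; | & ` $ ( ) or a newline should still be flagged.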
Exploitation status
Public Exploit Available: No
Analyst recommendation
Given the critical nature of an unauthenticated OS command injection with a CVSS score of 10.0, patching is the only complete fix; the compensating controls above reduce exposure but do not remove the flaw. Administrators should verify that all PROLiNK PRC2402M devices are running firmware released after June 2021. Because a firmware update does not remove a backdoor that was planted before it was applied, any device that was reachable from the WAN with remote management enabled should be checked for signs of compromise (unexpected outbound connections, altered DNS settings) before it is trusted again.