{"uuid": "f3869f51-5d8d-41b9-8ae2-4aba06ff4d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-18373", "type": "seen", "source": "https://t.me/VulnerabilityNews/6493", "content": "The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through the uiViewSNTPServer parameter. Authentication can be achieved by exploiting CVE-2017-18373.\nPublished at: May 02, 2019 at 07:29PM\nView on website", "creation_timestamp": "2019-05-02T20:40:09.000000Z"}