Panabit PAP-XM320 Command Injection Vulnerability in ajax_cmd Endpoint

Vulnerability

A command injection vulnerability has been identified in Panabit PAP-XM320 versions up to and including 7.7. The issue resides in the CGI component, specifically within the /cgi-bin/tools/ajax_cmd endpoint. This vulnerability allows authenticated users to execute arbitrary shell commands with root privileges by exploiting the action=runcmd parameter.

Impact

Exploitation of this vulnerability allows for arbitrary command execution with root privileges on the affected system.

Added: May 19, 2026, 5:25 PM

Updated: May 19, 2026, 5:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Panabit PAP-XM320 Command Injection Vulnerability in ajax_cmd Endpoint

Vulnerability

Impact

Affected Products

Panabit PAP-XM320

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating