New Pre-Auth RCE Vulnerability Found in ipTIME Routers' CWMP

A pre-authentication remote code execution (RCE) vulnerability has been discovered in the CWMP (CPE WAN Management Protocol) implementation of ipTIME routers. The flaw allows unauthenticated attackers to execute arbitrary code remotely. No additional details about affected models or exploitation methods were provided.