RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName parameter at /goform/setWAN.Referenceshttps://www.edimax.com/edimax/global/http://re11s.comhttps://github.com/xyqer1/RE11S_1.11-setWAN-CommandInjection
