A CGI script of the uaGate SI handles its parameters in an unsafe fashion. Maliciously crafted URL parameters can transfer an arbitrary command payload that is executed with the rights of the web server.
The uaGate's firmware update script, which the web server user calls with sudo, handles its parameters in an unsafe fashion. As a result, a second firmware file can be supplied to the script along with a legitimate firmware image.
The system path /usr/local/bin has file mode 2777 (drwxrwsrwx).
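A defender-side check for the file-mode finding above, as an added example that is not part of the original advisory: it flags directories in a PATH-style list that any local user can write to, such as one with mode 2777. The function name `audit_path_dirs` and the output labels are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not vendor code): audit a PATH-style list for entries
# that let any local user place files where commands are looked up.
# Usage: audit_path_dirs "$PATH"

# audit_path_dirs "<colon-separated directories>"
# Prints one finding per line; returns 1 if anything was flagged, else 0.
audit_path_dirs() {
    rest="$1:"      # trailing colon so the loop also processes the last entry
    found=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}     # first entry of the remaining list
        rest=${rest#*:}     # everything after it
        if [ -z "$dir" ]; then
            # An empty entry makes the shell search the current directory.
            echo "EMPTY-ENTRY (resolves to current directory)"
            found=1
            continue
        fi
        [ -d "$dir" ] || continue   # skip entries that are not directories
        # -H resolves a symlinked entry, -prune keeps find on the directory
        # itself, -perm -0002 matches when the "other" write bit is set.
        if [ -n "$(find -H "$dir" -prune -type d -perm -0002 2>/dev/null)" ]; then
            # Report the symbolic mode, e.g. drwxrwsrwx for mode 2777.
            mode=$(ls -ldL "$dir" | cut -c1-10)
            echo "WORLD-WRITABLE $mode $dir"
            found=1
        fi
    done
    return "$found"
}
```

On a device or image under review, run `audit_path_dirs "$PATH"` as each service account and as root, since their search paths can differ.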