From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Product Name: Beijing Digital China Yunke Information Technology Co. Ltd DCN firewall - Vulnerability Type: Command Execution Vulnerability - Affected Product: DCME-320 - Affected Version: 7.4.12.60 - CVE ID: CVE-2024-42905 2. Code Audit: - Code File: ping.php - Code Snippet: - Vulnerability Description: - At line 25, the variable is constructed as a string containing command-line arguments. - At line 109, the variable is passed to the function for execution. 3. Vulnerability Reproduction: - POC Example: - Reproduction Steps: 1. Open the login page of the DCN firewall. 2. Log in using an administrator account and password. 3. Capture the request packet after login to obtain the Cookie. 4. Execute the POC command and observe the command execution result. This information provides a detailed description of the command execution vulnerability in the DCN firewall, including the trigger conditions, code audit results, and a POC example for reproduction.