CVE-2023-31746

Опубликовано: 14 июн. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulnerability to execute system commands as the root user.

Ссылки

https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/1/VW2100_RCE1.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/2/VW2100_RCE2.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/3/VW2100_RCE3.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/4/VW2100_RCE4.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/1/VW2100_RCE1.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/2/VW2100_RCE2.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/3/VW2100_RCE3.pdf
Broken Link
Third Party Advisory
https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/4/VW2100_RCE4.pdf
Broken Link
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:adslr:vw2100_firmware:m1dv1.0:*:*:*:*:*:*:*

cpe:2.3:h:adslr:vw2100:-:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01425

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-p296-v2hg-wfqw