Lucene search

[email protected]CVE-2023-26802

HistoryMar 26, 2023 - 9:15 p.m.

CVE-2023-26802

2023-03-2621:15:07

CWE-22

[email protected]

web.nvd.nist.gov

cve-2023-26802

dcn

digital china networks

authentication bypass

arbitrary command execution

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request.

Affected configurations

NVD

Node

dcnglobaldcbi-netlog-lab_firmwareMatch1.0

AND

dcnglobaldcbi-netlog-labMatch-

CPENameOperatorVersion
dcnglobal:dcbi-netlog-lab_firmwaredcnglobal dcbi-netlog-lab firmwareeq1.0

CPE	Name	Operator	Version
dcnglobal:dcbi-netlog-lab_firmware	dcnglobal dcbi-netlog-lab firmware	eq	1.0

References

github.com/winmt/my-vuls/tree/main/DCN%20DCBI-Netlog-LAB

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

Related for CVE-2023-26802

cvelist1 nvd1 prion1