Lucene search

[email protected]CVE-2023-30404

HistoryApr 26, 2023 - 12:15 a.m.

CVE-2023-30404

2023-04-2600:15:09

[email protected]

web.nvd.nist.gov

aigital

wireless-n

repeater

mini_router

v0.131229

rce

vulnerability

syscmd

http request

cve-2023-30404

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.009 Low

EPSS

Percentile

82.9%

JSON

Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE) vulnerability via the sysCmd parameter in the formSysCmd function. This vulnerability is exploited via a crafted HTTP request.

Affected configurations

NVD

Node

aigitalwireless-n_repeater_mini_router_firmwareMatch0.131229

AND

aigitalwireless-n_repeater_mini_routerMatch-

CPENameOperatorVersion
aigital:wireless-n_repeater_mini_router_firmwareaigital wireless-n repeater mini router firmwareeq0.131229

CPE	Name	Operator	Version
aigital:wireless-n_repeater_mini_router_firmware	aigital wireless-n repeater mini router firmware	eq	0.131229

References

aigital.com

mandomat.github.io/2023-04-13-testing-a-cheap-wifi-repeater/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for CVE-2023-30404

prion1 nvd1 cvelist1