Lucene search
MitreCVE-2023-43455HistoryDec 01, 2023 - 2:15 a.m.
CVE-2023-43455
2023-12-0102:15:07
CWE-77
mitre
web.nvd.nist.gov
13
totolink
x6000r
v9.4.0cu.652_b20230116
v9.4.0cu.852_b20230719
remote code execution
command parameter
settraceroutecfg
security vulnerability
cve-2023-43455
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.007
Percentile
81.1%
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.
Affected configurations
Node
totolinkx6000r_firmwareMatch9.4.0cu.652_b20230116
ORtotolinkx6000r_firmwareMatch9.4.0cu.852_b20230719
totolinkx6000rMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| totolink | x6000r_firmware | 9.4.0cu.652_b20230116 | cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.652_b20230116:*:*:*:*:*:*:* |
| totolink | x6000r_firmware | 9.4.0cu.852_b20230719 | cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719:*:*:*:*:*:*:* |
| totolink | x6000r | - | cpe:2.3:h:totolink:x6000r:-:*:*:*:*:*:*:* |
Related
prion
prion
Command injection
2023-12-01 02:15:00
cvelist
cvelist
CVE-2023-43455
2023-12-01 00:00:00
nvd
nvd
CVE-2023-43455
2023-12-01 02:15:07
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.007
Percentile
81.1%
Related for CVE-2023-43455