Lucene search
CERTVDECVELIST:CVE-2023-1082HistoryApr 09, 2024 - 8:25 a.m.
CVE-2023-1082 Welotec: Command injection vulnerability in TK500v1 router series
2024-04-0908:25:34
CWE-78
CERTVDE
www.cve.org
welotec
command injection
tk500v1
router series
remote attacker
low privileges
root access
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.5%
An remote attacker with low privileges can perform a command injection which can lead to root access.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "TK515L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L-W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK515L-W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L-W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525L-W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525U",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525U Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525W",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK525W Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK535L1",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TK535L1 Set",
"vendor": "Welotec",
"versions": [
{
"lessThan": "v2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]References
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.5%
Related for CVELIST:CVE-2023-1082