Lucene search
IcscertCVELIST:CVE-2023-33869HistoryJun 20, 2023 - 7:43 p.m.
CVE-2023-33869 Enphase Envoy OS Command Injection
2023-06-2019:43:46
CWE-78
icscert
www.cve.org
3
enphase envoy
command injection
vulnerable
root commands
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
38.5%
Enphase Envoy versions D7.0.88 is vulnerable to a command injection exploit that may allow an attacker to execute root commands.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Envoy",
"vendor": "Enphase ",
"versions": [
{
"status": "affected",
"version": " D7.0.88"
}
]
}
]Related
prion
prion
Command injection
2023-06-20 20:15:00
nvd
nvd
CVE-2023-33869
2023-06-20 20:15:09
cve
cve
CVE-2023-33869
2023-06-20 20:15:09
ics
ics
Enphase Envoy (Update A)
2023-07-13 12:00:00
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
38.5%
Related for CVELIST:CVE-2023-33869