CVE-2023-37569 OS Command Injection Vulnerability in Emagic Data Center Management Suite

🗓️ 08 Aug 2023 08:04:22Reported by CERT-InType

OS Command Injection Vulnerability in Emagic Data Center Management Suite due to lack of input sanitization in its Ping component. Remote authenticated attacker could exploit by injecting OS commands, potentially allowing execution of arbitrary code.

Reporter	Title	Published	Views	Family All 10
0day.today	Emagic Data Center Management Suite v6.0 - OS Command Injection Exploit	8 Aug 202300:00	–	zdt
CNNVD	ESDS Emagic Data Center Management Suit Operating System Command Injection Vulnerability	8 Aug 202300:00	–	cnnvd
CVE	CVE-2023-37569	8 Aug 202308:04	–	cve
Exploit DB	Emagic Data Center Management Suite v6.0 - OS Command Injection	8 Aug 202300:00	–	exploitdb
NVD	CVE-2023-37569	8 Aug 202309:15	–	nvd
Packet Storm	Emagic Data Center Management Suite 6.0 Remote Command Execution	9 Aug 202300:00	–	packetstorm
Prion	Design/Logic Flaw	8 Aug 202309:15	–	prion
Positive Technologies	PT-2023-26027 · Esds · Esds Emagic Data Center Management Suit	8 Aug 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-37569	13 Feb 202519:34	–	redhatcve
Vulnrichment	CVE-2023-37569 OS Command Injection Vulnerability in Emagic Data Center Management Suite	8 Aug 202308:04	–	vulnrichment

[
  {
    "vendor": "ESDS",
    "product": "Emagic Data Center Management Suite",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "V6.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/174084/Emagic-Data-Center-Management-Suite-6.0-Remote-Command-Execution.html
cert-in	www.cert-in.org.in/s2cMainServlet

09 Aug 2023 17:06Current

9High risk

Vulners AI Score9

CVSS 3.18.8

EPSS0.24029

CWE-78