Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistTalosCVELIST:CVE-2023-39367
HistoryApr 17, 2024 - 12:55 p.m.

CVE-2023-39367

2024-04-1712:55:47
CWE-78
talos
raw.githubusercontent.com
command injection
peplink smart reader
web interface
http request
vulnerability
arbitrary command execution
qemu

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.5%

JSON

An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Related

cve 1
talos 5
talosblog 1
cve
cve
CVE-2023-39367
2024-04-17 13:15:06
talos
talos
Peplink Smart Reader web interface mac2name OS command injection vulnerability
2024-04-17 00:00:00
Peplink Smart Reader /bin/login privilege escalation vulnerability
2024-04-17 00:00:00
Peplink Smart Reader web interface /cgi-bin/upload_config.cgi data integrity vulnerability
2024-04-17 00:00:00
talosblog
talosblog
Vulnerabilities in employee management system could lead to remote code execution, login credential theft
2024-05-01 16:00:12

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.5%

JSON
Related for CVELIST:CVE-2023-39367
cve1talos5talosblog1