Lucene search
HistoryJun 14, 2023 - 5:15 p.m.
CVE-2023-25367
cve-2023-25367
siglent sds 1104x-e
remote code execution
scpi interface
web server
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.01
Percentile
83.7%
Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered user input resulting in Remote Code Execution (RCE) with SCPI interface or web server.
Affected configurations
Node
siglentsds1204x-eMatch-
siglentsds1204x-e_firmwareMatch6.1.37r9.ads
Node
siglentsds1104x-eMatch-
siglentsds1104x-e_firmwareMatch6.1.37r9.ads
Node
siglentsds1074x-eMatch-
siglentsds1074x-e_firmwareMatch6.1.37r9.ads
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siglent | sds1204x-e | - | cpe:2.3:h:siglent:sds1204x-e:-:*:*:*:*:*:*:* |
| siglent | sds1204x-e_firmware | 6.1.37r9.ads | cpe:2.3:o:siglent:sds1204x-e_firmware:6.1.37r9.ads:*:*:*:*:*:*:* |
| siglent | sds1104x-e | - | cpe:2.3:h:siglent:sds1104x-e:-:*:*:*:*:*:*:* |
| siglent | sds1104x-e_firmware | 6.1.37r9.ads | cpe:2.3:o:siglent:sds1104x-e_firmware:6.1.37r9.ads:*:*:*:*:*:*:* |
| siglent | sds1074x-e | - | cpe:2.3:h:siglent:sds1074x-e:-:*:*:*:*:*:*:* |
| siglent | sds1074x-e_firmware | 6.1.37r9.ads | cpe:2.3:o:siglent:sds1074x-e_firmware:6.1.37r9.ads:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2023-06-14 17:15:00
cve
cve
CVE-2023-25367
2023-06-14 17:15:09
cvelist
cvelist
CVE-2023-25367
2023-06-14 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.01
Percentile
83.7%
Related for NVD:CVE-2023-25367