Lucene search

[email protected]NVD:CVE-2023-41011

HistorySep 14, 2023 - 7:16 p.m.

CVE-2023-41011

2023-09-1419:16:50

CWE-77

[email protected]

web.nvd.nist.gov

command execution

china mobile

remote attack

arbitrary code

telnet component

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

74.0%

JSON

Command Execution vulnerability in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the shortcut_telnet.cg component.

Affected configurations

Nvd

Node

chinamobileintelligent_home_gateway_firmwareMatchhg6543c4

AND

chinamobileintelligent_home_gatewayMatch-

VendorProductVersionCPE
chinamobileintelligent_home_gateway_firmwarehg6543c4cpe:2.3:o:chinamobile:intelligent_home_gateway_firmware:hg6543c4:*:*:*:*:*:*:*
chinamobileintelligent_home_gateway-cpe:2.3:h:chinamobile:intelligent_home_gateway:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
chinamobile	intelligent_home_gateway_firmware	hg6543c4	cpe:2.3:o:chinamobile:intelligent_home_gateway_firmware:hg6543c4:::::::*
chinamobile	intelligent_home_gateway	-	cpe:2.3:h:chinamobile:intelligent_home_gateway:-:::::::*

References

github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

74.0%

JSON

Related for NVD:CVE-2023-41011

vulnrichment1 cvelist1 cve1 prion1