Lucene search
K

4 matches found

Nuclei
Nuclei
added 19 hours ago132 views

Viessmann Vitogate 300 - Remote Code Execution

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method. id: CVE-2023-45852 info: name: Viessmann Vitogate 300 - Remote Code Execution autho...

9.8CVSS7AI score0.14003EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 3:49 a.m.11 views

CVE-2023-45852

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method...

9.8CVSS8.2AI score0.14003EPSS
Exploits1References1
Circl
Circl
added 2023/10/14 7:29 a.m.233 views

CVE-2023-45852

creationtimestamp| type| source ---|---|--- 2023-10-14 07:29:31+00:00| seen| https://t.me/cibsecurity/72279 2023-10-31 19:52:09+00:00| published-proof-of-concept| Telegram/-CUWKwBEcwVjAmflphUE2rR4naQmsMl4HRbXghsNm8kRw 2023-12-07 10:47:27+00:00| published-proof-of-concept|...

9.8CVSS6.9AI score0.14003EPSS
In wildExploits1References7
CVE
CVE
added 2023/10/14 12:0 a.m.243 views

CVE-2023-45852

The CVE describes a remote code execution in Viessmann Vitogate 300 (version 2.1.3.0 and earlier) through /cgi-bin/vitogate.cgi. An unauthenticated attacker can bypass authentication and execute arbitrary commands by injecting shell metacharacters in the ipaddr field of the JSON data in a PUT req...

9.8CVSS9.9AI score0.14003EPSS
In wildExploits1References2Affected Software1
Rows per page
Query Builder