PT-2023-18907 · Zumtobel · Zumtobel Netlink Ccd Onboard

Marco Prati

·

Publicado

2023-11-29

·

Atualizado

2023-12-05

·

CVE-2023-23325

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Zumtobel Netlink CCD Onboard versions 3.74 through 3.79
Description A command injection issue was discovered via the NetHostname parameter. This allows for potential exploitation.
Recommendations For Zumtobel Netlink CCD Onboard versions 3.74 through 3.79, update to Firmware 3.80 or later to resolve the issue.

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2023-23325

Produtos afetados

Zumtobel Netlink Ccd Onboard