PT-2023-23555 · Edimax · Edimax Wireless Router N300
Publicado
2023-05-12
·
Atualizado
2023-05-24
·
CVE-2023-31983
CVSS v2.0
10
Crítica
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Edimax Wireless Router N300 Firmware version BR-6428NS v4
Description
A Command Injection issue allows an attacker to execute arbitrary code via the
mp function in "/bin/webs" without limitations.Recommendations
For Edimax Wireless Router N300 Firmware version BR-6428NS v4, consider disabling the
mp function in "/bin/webs" as a temporary workaround until a patch is available. Restrict access to the "/bin/webs" endpoint to minimize the risk of exploitation.Exploit
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Edimax Wireless Router N300