CVE-2023-33919

Name of the Vulnerable Software and Affected Versions CP-8031 MASTER MODULE versions prior to CPCI85 V05 CP-8050 MASTER MODULE versions prior to CPCI85 V05

Description A vulnerability has been identified in the web interface of affected devices due to missing server-side input sanitation, making it vulnerable to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

Recommendations For CP-8031 MASTER MODULE versions prior to CPCI85 V05, update to version CPCI85 V05 or later to resolve the issue. For CP-8050 MASTER MODULE versions prior to CPCI85 V05, update to version CPCI85 V05 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface of affected devices to minimize the risk of exploitation.