PT-2023-23376 · Motorola · Motorola Cx2L Router
Published
2023-05-11
·
Updated
2023-05-18
·
CVE-2023-31530
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Motorola CX2L Router version 1.0.1
Description
A command injection issue was found in the Motorola CX2L Router, specifically via the
smartqos priority devices parameter. This allows for potential command injection attacks.Recommendations
For Motorola CX2L Router version 1.0.1, consider restricting access to the
smartqos priority devices parameter until a patch is available. As a temporary workaround, avoid using the smartqos priority devices parameter in affected configurations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.Exploit
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Motorola Cx2L Router