CVE-2023-39222

Name of the Vulnerable Software and Affected Versions FURUNO SYSTEMS ACERA 1320 firmware versions 01.26 and earlier FURUNO SYSTEMS ACERA 1310 firmware versions 01.26 and earlier FURUNO SYSTEMS ACERA 1210 firmware versions 02.36 and earlier FURUNO SYSTEMS ACERA 1150i firmware versions 01.35 and earlier FURUNO SYSTEMS ACERA 1150w firmware versions 01.35 and earlier FURUNO SYSTEMS ACERA 1110 firmware versions 01.76 and earlier FURUNO SYSTEMS ACERA 1020 firmware versions 01.86 and earlier FURUNO SYSTEMS ACERA 1010 firmware versions 01.86 and earlier FURUNO SYSTEMS ACERA 950 firmware versions 01.60 and earlier FURUNO SYSTEMS ACERA 850F firmware versions 01.60 and earlier FURUNO SYSTEMS ACERA 900 firmware versions 02.54 and earlier FURUNO SYSTEMS ACERA 850M firmware versions 02.06 and earlier FURUNO SYSTEMS ACERA 810 firmware versions 03.74 and earlier FURUNO SYSTEMS ACERA 800ST firmware versions 07.35 and earlier

Description An OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. The affected devices are running in ST (Standalone) mode.

Recommendations For FURUNO SYSTEMS ACERA 1320 firmware versions 01.26 and earlier, update to a version later than 01.26. For FURUNO SYSTEMS ACERA 1310 firmware versions 01.26 and earlier, update to a version later than 01.26. For FURUNO SYSTEMS ACERA 1210 firmware versions 02.36 and earlier, update to a version later than 02.36. For FURUNO SYSTEMS ACERA 1150i firmware versions 01.35 and earlier, update to a version later than 01.35. For FURUNO SYSTEMS ACERA 1150w firmware versions 01.35 and earlier, update to a version later than 01.35. For FURUNO SYSTEMS ACERA 1110 firmware versions 01.76 and earlier, update to a version later than 01.76. For FURUNO SYSTEMS ACERA 1020 firmware versions 01.86 and earlier, update to a version later than 01.86. For FURUNO SYSTEMS ACERA 1010 firmware versions 01.86 and earlier, update to a version later than 01.86. For FURUNO SYSTEMS ACERA 950 firmware versions 01.60 and earlier, update to a version later than 01.60. For FURUNO SYSTEMS ACERA 850F firmware versions 01.60 and earlier, update to a version later than 01.60. For FURUNO SYSTEMS ACERA 900 firmware versions 02.54 and earlier, update to a version later than 02.54. For FURUNO SYSTEMS ACERA 850M firmware versions 02.06 and earlier, update to a version later than 02.06. For FURUNO SYSTEMS ACERA 810 firmware versions 03.74 and earlier, update to a version later than 03.74. For FURUNO SYSTEMS ACERA 800ST firmware versions 07.35 and earlier, update to a version later than 07.35. As a temporary workaround, consider restricting access to the web interface until a patch is available.