PT-2023-28837 · Telstra · Telstra Smart Modem Gen 2

Evan Grant

Published

2023-09-20

Updated

2023-09-22

CVE-2023-43477

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Telstra Smart Modem Gen 2 (Arcadyan LH1000) versions prior to 0.18.15r

Description The ping from parameter of ping tracerte.cgi in the web UI was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device.

Recommendations For versions prior to 0.18.15r, update to firmware version 0.18.15r or later to resolve the issue. As a temporary workaround, consider restricting access to the ping tracerte.cgi endpoint until a patch is available. Avoid using the ping from parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2023-43477

Affected Products

Telstra Smart Modem Gen 2

PT-2023-28837 · Telstra · Telstra Smart Modem Gen 2

CVE-2023-43477

Weakness Enumeration

Related Identifiers

Affected Products

References · 6