CVE-2023-49959

Name of the Vulnerable Software and Affected Versions Indo-Sol PROFINET-INspektor NT versions 2.4.0 and earlier

Description A command injection issue in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges. This is achieved via a crafted filename parameter in POST requests to the "/api/updater/ctrl/start update" endpoint.

Recommendations For Indo-Sol PROFINET-INspektor NT versions 2.4.0 and earlier, consider disabling the gedtupdater service until a patch is available. Restrict access to the "/api/updater/ctrl/start update" endpoint to minimize the risk of exploitation. Avoid using the filename parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.