PT-2025-4862 · Ud-Lt2 · Ud-Lt2
Kaori Takashima
+2
·
Published
2025-01-22
·
Updated
2025-01-22
·
CVE-2025-23237
CVSS v3.1
6.6
Medium
| Vector | AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
UD-LT2 firmware versions 1.00.008 SE and earlier
Description
An issue exists due to the improper neutralization of special elements used in an OS command, allowing for the execution of arbitrary OS commands if a user logs in to the CLI of the affected product.
Recommendations
For versions 1.00.008 SE and earlier, update to a version that addresses the OS Command Injection issue.
As a temporary workaround, consider restricting access to the CLI to minimize the risk of exploitation.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ud-Lt2