CVE-2023-37794

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 14, 2023

Updated: Jul 26, 2023

CWE ID 77

Summary

CVE-2023-37794 is a newly disclosed vulnerability affecting the WAYOS FBM-291W 19.09.11V. The issue lies in the /upgrade_filter.asp component, which unfortunately allows an attacker to inject commands. By exploiting this command injection vulnerability, an unauthorized user can potentially gain administrative control over the affected device, posing a significant security risk. It is imperative that users of this device apply the necessary patch or update as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8dNOL
https://www.cve.org/CVERecord?id=CVE-2023-37794
https://nvd.nist.gov/vuln/detail/CVE-2023-37794

Back to Vulnerability Database

CVE-2023-37794

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations