CVE-2023-38829

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 11, 2023

Updated: Sep 13, 2023

CWE ID 77

Summary

CVE-2023-38829 is a new vulnerability affecting NETIS SYSTEMS WF2409E version 3.6.42541. This issue allows remote attackers to execute arbitrary code through the ping and traceroute functions of the diagnostic tools component in the admin management interface. Successful exploitation could result in unauthorized system access and potential data breaches. Network administrators are strongly advised to apply the necessary patches as soon as possible to mitigate this risk. Attackers can target this vulnerability by sending specially crafted packets to the affected system, potentially gaining complete control over it.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sG6bbv
https://www.cve.org/CVERecord?id=CVE-2023-38829
https://nvd.nist.gov/vuln/detail/CVE-2023-38829

Back to Vulnerability Database

CVE-2023-38829

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations