CVE-2023-50993

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 20, 2023

Updated: Dec 29, 2023

CWE ID 78

Summary

CVE-2023-50993 is a command injection vulnerability affecting Ruijie WS6008 v1.x and v2.x, as well as WS6108 v1.x. The issue lies in the function "downFiles," which can be exploited to inject and execute malicious commands on the affected devices. Successful exploitation could result in unauthorized access, data theft, or system compromise. Users are advised to update their devices to the latest software version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t1yJjs
https://www.cve.org/CVERecord?id=CVE-2023-50993
https://nvd.nist.gov/vuln/detail/CVE-2023-50993

Back to Vulnerability Database

CVE-2023-50993

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations