CVE-2023-31728
First published: Sat Feb 17 2024(Updated: )
Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Teltonika Networks RUT240 | <07.04.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-31728?
CVE-2023-31728 has been classified as a medium severity vulnerability due to the potential exposure of SSH and HTTP services on the IPv6 WAN interface.
How do I fix CVE-2023-31728?
To fix CVE-2023-31728, update the firmware of Teltonika RUT240 devices to version 07.04.2 or later.
What systems are affected by CVE-2023-31728?
CVE-2023-31728 affects Teltonika RUT240 devices running firmware versions prior to 07.04.2.
What are the risks associated with CVE-2023-31728?
The risks associated with CVE-2023-31728 include unauthorized access to SSH and HTTP services over the internet.
Is there a workaround for CVE-2023-31728?
A potential workaround for CVE-2023-31728 is to disable bridge mode if it's not required, reducing the attack surface.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/severity
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/teltonika
- canonical/teltonika networks rut240