CVE-2023-32349

First published: Mon May 22 2023(Updated: )

Version 00.07.03.4 and prior of Teltonika’s RUT router firmware contain a packet dump utility that contains proper validation for filter parameters. However, variables for validation checks are stored in an external configuration file. An authenticated attacker could use an exposed UCI configuration utility to change these variables and enable malicious parameters in the dump utility, which could result in arbitrary code execution.

Credit: ics-cert@hq.dhs.gov

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/author
• agent/weakness
• agent/references
• agent/description
• collector/ics-cert-advisory
• source/ICS
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/severity
• agent/event
• agent/first-publish-date
• agent/source
• agent/tags
• agent/softwarecombine
• collector/nvd-index
• vendor/teltonika
• canonical/teltonika remote management system (rms): versions prior to 4.10.0 (affected by cve-2023-32346, cve-2023-32347, cve-2023-32348, cve-2023-2587, cve-2023-2588)
• canonical/teltonika remote management system (rms): versions prior to 4.14.0 (affected by cve-2023-2586)
• canonical/teltonika rut model routers: version 00.07.00 through 00.07.03.4 (affected by cve-2023-32349)
• canonical/teltonika rut model routers: version 00.07.00 through 00.07.03 (affected by cve-2023-32350)
• vendor/teltonika-networks
• canonical/teltonika networks rut200 firmware
• version/teltonika networks rut200 firmware/00.07.03.4
• canonical/teltonika networks rut200
• canonical/teltonika networks rut240 firmware
• version/teltonika networks rut240 firmware/00.07.03.4
• canonical/teltonika networks rut240
• canonical/teltonika rut241 firmware
• version/teltonika rut241 firmware/00.07.03.4
• canonical/teltonika networks rut241
• canonical/teltonika-networks rut300 firmware
• version/teltonika-networks rut300 firmware/00.07.03.4
• canonical/teltonika networks rut360
• version/teltonika networks rut360/00.07.03.4
• canonical/teltonika networks rut901 firmware
• version/teltonika networks rut901 firmware/00.07.03.4
• canonical/teltonika networks rut950
• version/teltonika networks rut950/00.07.03.4
• canonical/teltonika networks rut951
• version/teltonika networks rut951/00.07.03.4
• canonical/teltonika-networks rut955 firmware
• version/teltonika-networks rut955 firmware/00.07.03.4
• canonical/teltonika-networks rut956 firmware
• version/teltonika-networks rut956 firmware/00.07.03.4
• canonical/teltonika networks rutx08 firmware
• version/teltonika networks rutx08 firmware/00.07.03.4
• canonical/teltonika-networks rutx09
• version/teltonika-networks rutx09/00.07.03.4
• canonical/teltonika networks rutx09 firmware
• canonical/teltonika networks rutx10
• version/teltonika networks rutx10/00.07.03.4
• canonical/teltonika networks rutx11
• version/teltonika networks rutx11/00.07.03.4
• canonical/teltonika-networks rutx12 firmware
• version/teltonika-networks rutx12 firmware/00.07.03.4
• canonical/teltonika networks rutx12
• canonical/teltonika-networks rutx14
• version/teltonika-networks rutx14/00.07.00
• version/teltonika-networks rutx14/00.07.03.4
• canonical/teltonika networks rutx14
• canonical/teltonika-networks rutx50 firmware
• version/teltonika-networks rutx50 firmware/00.07.00
• version/teltonika-networks rutx50 firmware/00.07.03.4
• canonical/teltonika networks rutx50
• canonical/teltonika networks rutxr1 firmware
• version/teltonika networks rutxr1 firmware/00.07.00
• version/teltonika networks rutxr1 firmware/00.07.03.4
• canonical/teltonika networks rutxr1