CVE-2023-43893: OS Command Injection
First published: Mon Oct 02 2023(Updated: )
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netis-systems N3m Firmware | =1.0.1.865 | |
| Netis-systems N3m | =v2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-43893.
What is the severity of CVE-2023-43893?
The severity of CVE-2023-43893 is critical with a CVSS score of 9.8.
How does the vulnerability in Netis N3Mv2-V1.0.1.865 occur?
The vulnerability in Netis N3Mv2-V1.0.1.865 occurs due to a command injection via the wakeup_mac parameter in the Wake-On-LAN (WoL) function.
How can this vulnerability be exploited?
This vulnerability can be exploited using a crafted payload.
Is there a fix available for this vulnerability?
There is no information available regarding a fix for this vulnerability at the moment.
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/epss-latest
- source/FIRST
- agent/severity
- agent/references
- agent/description
- agent/epss
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/netis-systems
- canonical/netis-systems n3m firmware
- version/netis-systems n3m firmware/1.0.1.865
- canonical/netis-systems n3m
- version/netis-systems n3m/v2