CVE-2023-45467: OS Command Injection
First published: Fri Oct 13 2023(Updated: )
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netis-systems N3m Firmware | =1.0.1.865 | |
| Netis-systems N3m | =v2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-45467?
CVE-2023-45467 is a command injection vulnerability found in Netis N3Mv2-V1.0.1.865 through the ntpServIP parameter in the Time Settings.
How severe is CVE-2023-45467?
CVE-2023-45467 is categorized as a critical vulnerability with a severity rating of 9.8.
How does CVE-2023-45467 affect Netis N3Mv2 firmware version 1.0.1.865?
Netis N3Mv2 firmware version 1.0.1.865 is affected by CVE-2023-45467 and is vulnerable to command injection via the ntpServIP parameter in the Time Settings.
Is Netis N3Mv2 hardware version 2 affected by CVE-2023-45467?
No, Netis N3Mv2 hardware version 2 is not affected by CVE-2023-45467.
How can I fix the command injection vulnerability in Netis N3Mv2 firmware version 1.0.1.865?
To fix the command injection vulnerability in Netis N3Mv2 firmware version 1.0.1.865, it is recommended to apply the latest firmware update provided by Netis-systems.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/netis-systems
- canonical/netis-systems n3m firmware
- version/netis-systems n3m firmware/1.0.1.865
- canonical/netis-systems n3m
- version/netis-systems n3m/v2