In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.
References
Link | Resource |
---|---|
https://blog.kscsc.online/cves/202331446/md.html | |
https://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution | Exploit Third Party Advisory |
https://www.cassianetworks.com | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2024-01-10T00:00:00
Updated: 2024-01-29T21:01:36.064121
Reserved: 2023-04-28T00:00:00
Link: CVE-2023-31446
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-10T03:15:43.263
Modified: 2024-01-29T21:15:08.340
Link: CVE-2023-31446
JSON object: View
Redhat Information
No data.
CWE