fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root.
References
Link | Resource |
---|---|
https://www.tenable.com/security/research/tra-2023-19 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tenable
Published: 2023-09-20T13:03:10.299Z
Updated: 2023-09-20T13:03:10.299Z
Reserved: 2023-09-18T17:35:17.960Z
Link: CVE-2023-43478
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-20T14:15:15.127
Modified: 2023-09-22T18:36:45.253
Link: CVE-2023-43478
JSON object: View
Redhat Information
No data.
CWE