CVE-2023-49593
July 8, 2024, 4:35 p.m.
Tags
CVSS Score
Product(s) Impacted
LevelOne WBR-6013 Router
- RER4_A_v3411b_2T2R_LEV_09_170623
Description
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.
Weaknesses
CWE-489
Active Debug Code
The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.
CWE ID: 489Date
Published: July 8, 2024, 4:15 p.m.
Last Modified: July 8, 2024, 4:35 p.m.
Status : Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
More infoSource
talos-cna@cisco.com
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
Exploitability Score
Impact Score
Base Severity
HIGHCVSS Vector String
The CVSS vector string provides an in-depth view of the vulnerability metrics.
View Vector StringCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H