CVE-2023-0862
published 2023-02-16CVE-2023-0862: The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading…
PriorityP358high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
2.35%
81.6th percentile
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.
This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netmodule | netmodule_router_software | < 4.6.0.105 | 4.6.0.105 |
| netmodule | netmodule_router_software | >= 4.3.0.0 < 4.3.0.119 | 4.3.0.119 |
| netmodule | netmodule_router_software | >= 4.4.0.0 < 4.4.0.118 | 4.4.0.118 |
| netmodule | netmodule_router_software | >= 4.6.0.0 < 4.6.0.105 | 4.6.0.105 |
| netmodule | netmodule_router_software | >= 4.7.0.0 < 4.7.0.103 | 4.7.0.103 |
| netmodule | nsrw | >= 4.3.0.0 < 4.3.0.119 | 4.3.0.119 |
| netmodule | nsrw | >= 4.4.0.0 < 4.4.0.118 | 4.4.0.118 |
| netmodule | nsrw | >= 4.6.0.0 < 4.6.0.105 | 4.6.0.105 |
| netmodule | nsrw | >= 4.7.0.0 < 4.7.0.103 | 4.7.0.103 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4qww-v3r6-7335: The web administration interface in NetModule Router Software (NRSW) 4
ghsa_unreviewed·2023-10-22·CVSS 7.2
CVE-2023-46306 [HIGH] CWE-78 GHSA-4qww-v3r6-7335: The web administration interface in NetModule Router Software (NRSW) 4
The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php device_id parameter. This occurs because another thread can be started before the trap that triggers the cleanup function. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. NOTE: this is different from CVE-2023-0861 and CVE-2023-0862, which were fixed in version 4.6.0.105.
GHSA
GHSA-hp6q-h54g-hcww: The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion
ghsa_unreviewed·2023-02-16
CVE-2023-0862 [HIGH] CWE-22 GHSA-hp6q-h54g-hcww: The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103. The issue affects NSRW packaged by Phoenix Contact routers: from 4.6.72.0 before 4.6.72.101, from 4.6.73.0 before 4.6.73.101.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdfhttps://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf
2023-02-16
Published