CVE-2023-40146
published 2024-04-17CVE-2023-40146: A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument…
PriorityP357critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.44%
69.8th percentile
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| peplink | smart_reader | — | — |
| peplink | smart_reader_firmware | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_oracle7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rgm2-gvmf-vqr7: A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1
ghsa_unreviewed·2024-04-17
CVE-2023-40146 [MEDIUM] CWE-77 GHSA-rgm2-gvmf-vqr7: A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability.
Oracle
Oracle Oracle Financial Services Applications Risk Matrix: Infrastructure (Apache Batik) — CVE-2022-40146
vendor_oracle·2023-04-15·CVSS 7.5
CVE-2022-40146 [HIGH] Oracle Oracle Financial Services Applications Risk Matrix: Infrastructure (Apache Batik) — CVE-2022-40146
Oracle Oracle Financial Services Applications Risk Matrix: Infrastructure (Apache Batik) vulnerability
CVE: CVE-2022-40146
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuapr2023 (APR 2023)
Oracle
Oracle Oracle Communications Applications Risk Matrix: Utilities (Apache Batik) — CVE-2022-40146
vendor_oracle·2023-01-15·CVSS 7.5
CVE-2022-40146 [HIGH] Oracle Oracle Communications Applications Risk Matrix: Utilities (Apache Batik) — CVE-2022-40146
Oracle Oracle Communications Applications Risk Matrix: Utilities (Apache Batik) vulnerability
CVE: CVE-2022-40146
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpujan2023 (JAN 2023)
No detection rules found.
No public exploits indexed.
Talos
Vulnerabilities in employee management system could lead to remote code execution, login credential theft
blogs_talos·2024-05-01·CVSS 5.3
[MEDIUM] Vulnerabilities in employee management system could lead to remote code execution, login credential theft
Cisco Talos’ Vulnerability Research team has disclosed more than a dozen vulnerabilities over the past three weeks, five in a device that allows employees to check in and out of their shifts, and another that exists in an open-source library used in medical device imaging files.
The Peplink Smart Reader contains several vulnerabilities, including one issue that could allow an adversary to obtain the administrator’s login credentials and the MD5-hashed version of their password.
Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.o
Talos
Vulnerabilities in employee management system could lead to remote code execution, login credential theft
blogs_talos·2024-05-01·CVSS 5.3
[MEDIUM] Vulnerabilities in employee management system could lead to remote code execution, login credential theft
## Vulnerabilities in employee management system could lead to remote code execution, login credential theft
Cisco Talos’ Vulnerability Research team has disclosed more than a dozen vulnerabilities over the past three weeks, five in a device that allows employees to check in and out of their shifts, and another that exists in an open-source library used in medical device imaging files.
The Peplink Smart Reader contains several vulnerabilities, including one issue that could allow an adversary to obtain the administrator’s login credentials and the MD5-hashed version of their password.
Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files.
For Snort
https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256https://security.netapp.com/advisory/ntap-20240822-0008/https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1868
2024-04-17
Published