CVE-2023-43744
published 2023-12-08CVE-2023-43744: An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and…
PriorityP352high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
1.99%
78.1th percentile
An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application function. The Zultys MX Administrator client has a "Patch Manager" section that allows administrators to apply patches to the device. The user supplied filename for the patch file is passed to a shell script without validation. Including bash command substitution characters in a patch file name results in execution of the provided command.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zultys | mx-e_firmware | < 16.0.4 | 16.0.4 |
| zultys | mx-e_firmware | >= 17.0.6 < 17.0.10 | 17.0.10 |
| zultys | mx-se_firmware | < 16.0.4 | 16.0.4 |
| zultys | mx-se_firmware | >= 17.0.6 < 17.0.10 | 17.0.10 |
| zultys | mx-se_ii_firmware | < 16.0.4 | 16.0.4 |
| zultys | mx-se_ii_firmware | >= 17.0.6 < 17.0.10 | 17.0.10 |
| zultys | mx-virtual_firmware | < 16.0.4 | 16.0.4 |
| zultys | mx-virtual_firmware | >= 17.0.6 < 17.0.10 | 17.0.10 |
| zultys | mx250_firmware | < 16.0.4 | 16.0.4 |
| zultys | mx250_firmware | >= 17.0.6 < 17.0.10 | 17.0.10 |
| zultys | mx30_firmware | < 16.0.4 | 16.0.4 |
| zultys | mx30_firmware | >= 17.0.6 < 17.0.10 | 17.0.10 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-12-08
Published