CVE-2023-49691

CWE-78 — OS Command Injection3 documents3 sources

Severity

6.7MEDIUM

EPSS

0.1%

top 69.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Ruggedcom Rm1224 Lte(4g) EU Siemens Ruggedcom Rm1224 Lte(4g) NAM Siemens Scalance M804pb +35 more

Timeline

PublishedDec 12

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages38 packages

▶CVEListV5siemens/scalance_m812-1_adsl-router< V8.0

▶CVEListV5siemens/scalance_m816-1_adsl-router< V8.0

▶CVEListV5siemens/scalance_s615_lan-router< V8.0

▶CVEListV5siemens/scalance_m826-2_shdsl-router< V8.0

▶CVEListV5siemens/scalance_s615_eec_lan-router< V8.0

🔴Vulnerability Details

GHSA

GHSA-7p78-839g-f66v: A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V8↗2023-12-12

▶

CVEList

CVE-2023-49691: A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8↗2023-12-12

▶