CVE-2023-50381
published 2024-07-08CVE-2023-50381: Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP…
PriorityP278high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
3.19%
86.5th percentile
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `targetAPSsid` request's parameter.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| level1 | wbr-6013_firmware | — | — |
| levelone | wbr-6013 | — | — |
| realtek | rtl819x_jungle_sdk | — | — |
| realtek | rtl819x_jungle_software_development_kit | — | — |
CVSS provenance
nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
vulncheck7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2rg9-mqj3-xwq5: Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3
ghsa_unreviewed·2024-07-08
CVE-2023-50381 [HIGH] CWE-78 GHSA-2rg9-mqj3-xwq5: Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `targetAPSsid` request's parameter.
VulnCheck
realtek rtl819x_jungle_software_development_kit Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
vulncheck·2023·CVSS 7.2
CVE-2023-50381 [HIGH] realtek rtl819x_jungle_software_development_kit Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
realtek rtl819x_jungle_software_development_kit Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `targetAPSsid` request's parameter.
Affected: realtek rtl819x_jungle_software_development_kit
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://blog.xlab.qianxin.com/super-large-scale-botnet-
No detection rules found.
No public exploits indexed.
Talos
15 vulnerabilities discovered in software development kit for wireless routers
blogs_talos·2024-07-10·CVSS 7.2
[HIGH] 15 vulnerabilities discovered in software development kit for wireless routers
## 15 vulnerabilities discovered in software development kit for wireless routers
Cisco Talos’ Vulnerability Research team recently discovered 15 vulnerabilities in the Realtek rtl819x Jungle software development kit used in some small and home office wireless routers.
This SDK uses the discontinued, open-source Boa as its web server. Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router, which are also covered in this blog post.
Realtek has patched these issues in the SDK, all in adherence to Cisco’s third-party vulnerability disclosure policy, while LevelOne has declined to release a fix.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule
Talos
15 vulnerabilities discovered in software development kit for wireless routers
blogs_talos·2024-07-10·CVSS 7.2
[HIGH] 15 vulnerabilities discovered in software development kit for wireless routers
Cisco Talos’ Vulnerability Research team recently discovered 15 vulnerabilities in the Realtek rtl819x Jungle software development kit used in some small and home office wireless routers.
This SDK uses the discontinued, open-source Boa as its web server. Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router, which are also covered in this blog post.
Realtek has patched these issues in the SDK, all in adherence to Cisco’s third-party vulnerability disclosure policy, while LevelOne has declined to release a fix.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on
2024-07-08
Published
Exploited in the wild