Lucene search

MitreCVE-2023-52026

HistoryJan 12, 2024 - 1:15 p.m.

CVE-2023-52026

2024-01-1213:15:11

mitre

web.nvd.nist.gov

totolink

ex1800t

v9.1.0cu.2112_b20220316

rce

remote command execution

vulnerability

telnet_enabled

settelnetcfg

nvd

cve-2023-52026

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.001

Percentile

49.4%

JSON

TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface

Affected configurations

Nvd

Node

totolinkex1800tMatch-

AND

totolinkex1800t_firmwareMatch9.1.0cu.2112_b20220316

VendorProductVersionCPE
totolinkex1800t-cpe:2.3:h:totolink:ex1800t:-:*:*:*:*:*:*:*
totolinkex1800t_firmware9.1.0cu.2112_b20220316cpe:2.3:o:totolink:ex1800t_firmware:9.1.0cu.2112_b20220316:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
totolink	ex1800t	-	cpe:2.3:h:totolink:ex1800t:-:::::::*
totolink	ex1800t_firmware	9.1.0cu.2112_b20220316	cpe:2.3:o:totolink:ex1800t_firmware:9.1.0cu.2112_b20220316:::::::*

References

815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setTelnetCfg/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.001

Percentile

49.4%

JSON

Related for CVE-2023-52026