Lucene search
HistoryMar 26, 2023 - 9:15 p.m.
CVE-2023-26801
cve-2023-26801
command injection
limitclient_cfg
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.015 Low
EPSS
Percentile
86.8%
LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.
Affected configurations
Node
lb-linkbl-lte300_firmwareMatch1.0.8
lb-linkbl-lte300Match-
Node
lb-linkbl-x26_firmwareMatch1.2.5
lb-linkbl-x26Match-
Node
lb-linkbl-wr9000_firmwareMatch2.4.9
lb-linkbl-wr9000Match-
Node
lb-linkbl-ac1900_firmwareMatch1.0.1
lb-linkbl-ac1900Match2.0
Related
cvelist
cvelist
CVE-2023-26801
2023-03-26 00:00:00
akamaiblog
akamaiblog
thn
thn
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
2023-06-23 07:30:00
cve
cve
CVE-2023-26801
2023-03-26 21:15:07
prion
prion
Command injection
2023-03-26 21:15:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.015 Low
EPSS
Percentile
86.8%
Related for NVD:CVE-2023-26801