CVE-2023-0861

NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities	Third Party Advisory
https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf	Release Notes

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::

OR	cpe:2.3:h:netmodule:nb1601:-:::::::*
	cpe:2.3:h:netmodule:nb1800:-:::::::*
	cpe:2.3:h:netmodule:nb1810:-:::::::*
	cpe:2.3:h:netmodule:nb2800:-:::::::*
	cpe:2.3:h:netmodule:nb2810:-:::::::*
	cpe:2.3:h:netmodule:nb3701:-:::::::*
	cpe:2.3:h:netmodule:nb3800:-:::::::*
	cpe:2.3:h:netmodule:nb800:-:::::::*
	cpe:2.3:h:netmodule:ng800:-:::::::*

History

24 Feb 2023, 18:11

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-02-16 09:15

Updated : 2024-02-04 23:14

NVD link : CVE-2023-0861

Mitre link : CVE-2023-0861

CVE.ORG link : CVE-2023-0861

JSON object : View

Products Affected

netmodule

nb1800
nb1601
nb1810
nb3800
netmodule_router_software
nb2810
ng800
nb800
nb3701
nb2800

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

{"id": "CVE-2023-0861", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "research@onekey.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2023-02-16T09:15:10.237", "references": [{"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities", "tags": ["Third Party Advisory"], "source": "research@onekey.com"}, {"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf", "tags": ["Release Notes"], "source": "research@onekey.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "research@onekey.com", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input.\u00a0A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges.\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n\n"}], "lastModified": "2023-11-07T04:01:43.933", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6AD24E-E27F-4078-8066-AB0E0D1CAA33", "versionEndExcluding": "4.3.0.119", "versionStartIncluding": "4.3.0.0"}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8000F0E9-A55B-472E-B71E-20097FC15C58", "versionEndExcluding": "4.4.0.118", "versionStartIncluding": "4.4.0.0"}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFFBFAD7-53CB-4755-A338-2FE945B3689F", "versionEndExcluding": "4.6.0.105", "versionStartIncluding": "4.6.0.0"}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B543F356-8395-4F7E-A3C8-1A5DB362533C", "versionEndExcluding": "4.7.0.103", "versionStartIncluding": "4.7.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netmodule:nb1601:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5C90BC32-C405-4178-B944-9CF39C212C46"}, {"criteria": "cpe:2.3:h:netmodule:nb1800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A80AE348-C415-4B5F-B359-26E2F2A132F7"}, {"criteria": "cpe:2.3:h:netmodule:nb1810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3CF8E81-2EB5-4CDC-9FC9-CEAF4E1E7514"}, {"criteria": "cpe:2.3:h:netmodule:nb2800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EFF579A1-A31C-47F3-912A-43F5B4894497"}, {"criteria": "cpe:2.3:h:netmodule:nb2810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41310FAF-CD23-4126-942D-DA950A96DF3E"}, {"criteria": "cpe:2.3:h:netmodule:nb3701:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "962F7AFA-76A3-4F83-AA2C-AB168C644104"}, {"criteria": "cpe:2.3:h:netmodule:nb3800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7120564A-4FE0-403E-A976-9658A665E51A"}, {"criteria": "cpe:2.3:h:netmodule:nb800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B550124-772B-4384-BA89-72B68E01F61E"}, {"criteria": "cpe:2.3:h:netmodule:ng800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0408E588-146F-4AD2-9D58-A12EBA83A697"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "research@onekey.com"}