CVE-2023-27826

{"id": "CVE-2023-27826", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-04-12T13:15:07.573", "references": [{"url": "https://pastebin.com/raw/buhVV7iL", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://usermanual.wiki/SEOWON-INTECH/SWC5100W", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/51311", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function."}], "lastModified": "2023-04-19T19:31:38.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:seowonintech:swc-5100w_firmware:1.9.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A87515A7-7BC2-40C9-ABC7-AFBD140D78AA"}, {"criteria": "cpe:2.3:o:seowonintech:swc-5100w_firmware:1.11.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E2D3D17-8900-4C3E-9A22-AD0E1564A4B4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:seowonintech:swc-5100w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "07996E93-A808-4A07-8C3D-5734B3D971ED"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}