Vulnerability Details CVE-2023-20820
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.1%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2023-20820
-
cpe:2.3:h:mediatek:mt6890:-
-
cpe:2.3:h:mediatek:mt7603:-
-
cpe:2.3:h:mediatek:mt7612:-
-
cpe:2.3:h:mediatek:mt7613:-
-
cpe:2.3:h:mediatek:mt7615:-
-
cpe:2.3:h:mediatek:mt7622:-
-
cpe:2.3:h:mediatek:mt7626:-
-
cpe:2.3:h:mediatek:mt7629:-
-
cpe:2.3:h:mediatek:mt7915:-
-
cpe:2.3:h:mediatek:mt7916:-
-
cpe:2.3:h:mediatek:mt7981:-
-
cpe:2.3:h:mediatek:mt7986:-
-
cpe:2.3:h:mediatek:mt7990:-
-
cpe:2.3:o:openwrt:openwrt:19.07.0
-
cpe:2.3:o:openwrt:openwrt:21.02.0