Vulnerability Details CVE-2023-32349
Version 00.07.03.4 and prior of Teltonika’s RUT router firmware contain a packet dump utility that contains proper validation for filter parameters. However, variables for validation checks are stored in an external configuration file. An authenticated attacker could use an exposed UCI configuration utility to change these variables and enable malicious parameters in the dump utility, which could result in arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.2%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2023-32349
-
cpe:2.3:h:teltonika-networks:rut200:-
-
cpe:2.3:h:teltonika-networks:rut240:-
-
cpe:2.3:h:teltonika-networks:rut241:-
-
cpe:2.3:h:teltonika-networks:rut300:-
-
cpe:2.3:h:teltonika-networks:rut360:-
-
cpe:2.3:h:teltonika-networks:rut901:-
-
cpe:2.3:h:teltonika-networks:rut950:-
-
cpe:2.3:h:teltonika-networks:rut951:-
-
cpe:2.3:h:teltonika-networks:rut955:-
-
cpe:2.3:h:teltonika-networks:rut956:-
-
cpe:2.3:h:teltonika-networks:rutx08:-
-
cpe:2.3:h:teltonika-networks:rutx09:-
-
cpe:2.3:h:teltonika-networks:rutx10:-
-
cpe:2.3:h:teltonika-networks:rutx11:-
-
cpe:2.3:h:teltonika-networks:rutx12:-
-
cpe:2.3:h:teltonika-networks:rutx14:-
-
cpe:2.3:h:teltonika-networks:rutx50:-
-
cpe:2.3:h:teltonika-networks:rutxr1:-
-
cpe:2.3:o:teltonika-networks:rut200_firmware:-
-
cpe:2.3:o:teltonika-networks:rut200_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut200_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut200_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut240_firmware:-
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.01
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.01.2
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.01.4
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.1
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.2
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.4
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.5
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.6
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.7
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.03.1
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.03.2
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.03.3
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut241_firmware:-
-
cpe:2.3:o:teltonika-networks:rut241_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut241_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut241_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut300_firmware:-
-
cpe:2.3:o:teltonika-networks:rut300_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut300_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut300_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut360_firmware:-
-
cpe:2.3:o:teltonika-networks:rut360_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut360_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut360_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut901_firmware:-
-
cpe:2.3:o:teltonika-networks:rut901_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut901_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut901_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut950_firmware:-
-
cpe:2.3:o:teltonika-networks:rut950_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut950_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut950_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut951_firmware:-
-
cpe:2.3:o:teltonika-networks:rut951_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut951_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut951_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut955_firmware:-
-
cpe:2.3:o:teltonika-networks:rut955_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut955_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut955_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rut956_firmware:-
-
cpe:2.3:o:teltonika-networks:rut956_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut956_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut956_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx08_firmware:-
-
cpe:2.3:o:teltonika-networks:rutx08_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx08_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx08_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx09_firmware:-
-
cpe:2.3:o:teltonika-networks:rutx09_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx09_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx09_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx10_firmware:-
-
cpe:2.3:o:teltonika-networks:rutx10_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx10_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx10_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx11_firmware:-
-
cpe:2.3:o:teltonika-networks:rutx11_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx11_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx11_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx12_firmware:-
-
cpe:2.3:o:teltonika-networks:rutx12_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx12_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx12_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx14_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx14_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx14_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutx50_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx50_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx50_firmware:00.07.03.4
-
cpe:2.3:o:teltonika-networks:rutxr1_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutxr1_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutxr1_firmware:00.07.03.4