Vulnerability Details CVE-2023-32350
Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.7%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2023-32350
-
cpe:2.3:h:teltonika-networks:rut200:-
-
cpe:2.3:h:teltonika-networks:rut240:-
-
cpe:2.3:h:teltonika-networks:rut241:-
-
cpe:2.3:h:teltonika-networks:rut300:-
-
cpe:2.3:h:teltonika-networks:rut360:-
-
cpe:2.3:h:teltonika-networks:rut901:-
-
cpe:2.3:h:teltonika-networks:rut950:-
-
cpe:2.3:h:teltonika-networks:rut951:-
-
cpe:2.3:h:teltonika-networks:rut955:-
-
cpe:2.3:h:teltonika-networks:rut956:-
-
cpe:2.3:h:teltonika-networks:rutx08:-
-
cpe:2.3:h:teltonika-networks:rutx09:-
-
cpe:2.3:h:teltonika-networks:rutx10:-
-
cpe:2.3:h:teltonika-networks:rutx11:-
-
cpe:2.3:h:teltonika-networks:rutx12:-
-
cpe:2.3:h:teltonika-networks:rutx14:-
-
cpe:2.3:h:teltonika-networks:rutx50:-
-
cpe:2.3:h:teltonika-networks:rutxr1:-
-
cpe:2.3:o:teltonika-networks:rut200_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut200_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.01
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.01.2
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.01.4
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.1
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.2
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.4
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.5
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.6
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.02.7
-
cpe:2.3:o:teltonika-networks:rut240_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut241_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut241_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut300_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut300_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut360_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut360_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut901_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut901_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut950_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut950_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut951_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut951_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut955_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut955_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rut956_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rut956_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx08_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx08_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx09_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx09_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx10_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx10_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx11_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx11_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx12_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx12_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx14_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx14_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutx50_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutx50_firmware:00.07.03
-
cpe:2.3:o:teltonika-networks:rutxr1_firmware:00.07.00
-
cpe:2.3:o:teltonika-networks:rutxr1_firmware:00.07.03