Vulnerability Details CVE-2023-38378
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.5%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-38378
-
cpe:2.3:h:rigol:mso5000:-
-
cpe:2.3:o:rigol:mso5000_firmware:00.01.03.00.03