Vulnerability Details CVE-2023-43744
An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application function. The Zultys MX Administrator client has a "Patch Manager" section that allows administrators to apply patches to the device. The user supplied filename for the patch file is passed to a shell script without validation. Including bash command substitution characters in a patch file name results in execution of the provided command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2023-43744
-
cpe:2.3:h:zultys:mx-e:-
-
cpe:2.3:h:zultys:mx-se:-
-
cpe:2.3:h:zultys:mx-se_ii:-
-
cpe:2.3:h:zultys:mx-virtual:-
-
cpe:2.3:h:zultys:mx250:-
-
cpe:2.3:h:zultys:mx30:-
-
cpe:2.3:o:zultys:mx-e_firmware:-
-
cpe:2.3:o:zultys:mx-e_firmware:17.0.6
-
cpe:2.3:o:zultys:mx-se_firmware:-
-
cpe:2.3:o:zultys:mx-se_firmware:17.0.6
-
cpe:2.3:o:zultys:mx-se_ii_firmware:-
-
cpe:2.3:o:zultys:mx-se_ii_firmware:17.0.6
-
cpe:2.3:o:zultys:mx-virtual_firmware:-
-
cpe:2.3:o:zultys:mx-virtual_firmware:17.0.6
-
cpe:2.3:o:zultys:mx250_firmware:-
-
cpe:2.3:o:zultys:mx250_firmware:17.0.6
-
cpe:2.3:o:zultys:mx30_firmware:-
-
cpe:2.3:o:zultys:mx30_firmware:17.0.6