Vulnerability Details CVE-2023-43752
OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier allows a network-adjacent authenticated user to execute an arbitrary OS command by sending a specially crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.3%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2023-43752
-
cpe:2.3:h:elecom:wrc-x3000gs2-b:-
-
cpe:2.3:h:elecom:wrc-x3000gs2-w:-
-
cpe:2.3:h:elecom:wrc-x3000gs2a-b:-
-
cpe:2.3:o:elecom:wrc-x3000gs2-b_firmware:-
-
cpe:2.3:o:elecom:wrc-x3000gs2-w_firmware:-
-
cpe:2.3:o:elecom:wrc-x3000gs2a-b_firmware:-