Vulnerability Details CVE-2023-49695
OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the product.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2023-49695
-
cpe:2.3:h:elecom:wrc-x3000gs:-
-
cpe:2.3:h:elecom:wrc-x3000gsa:-
-
cpe:2.3:h:elecom:wrc-x3000gsn:-
-
cpe:2.3:o:elecom:wrc-x3000gs_firmware:-
-
cpe:2.3:o:elecom:wrc-x3000gs_firmware:1.0.24
-
cpe:2.3:o:elecom:wrc-x3000gsa_firmware:-
-
cpe:2.3:o:elecom:wrc-x3000gsa_firmware:1.0.24
-
cpe:2.3:o:elecom:wrc-x3000gsn_firmware:1.0.2