CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6260

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.7%

CVSS Severity

CVSS v3 Score 9.0

References

Products affected by CVE-2023-6260

Brivo » Acs100 » Version: N/A

cpe:2.3:h:brivo:acs100:-
Brivo » Acs300 » Version: N/A

cpe:2.3:h:brivo:acs300:-
Brivo » Acs100 Firmware » Version: 5.2.4

cpe:2.3:o:brivo:acs100_firmware:5.2.4
Brivo » Acs100 Firmware » Version: 6.2.4

cpe:2.3:o:brivo:acs100_firmware:6.2.4
Brivo » Acs100 Firmware » Version: 6.2.4.1

cpe:2.3:o:brivo:acs100_firmware:6.2.4.1
Brivo » Acs100 Firmware » Version: 6.2.4.2

cpe:2.3:o:brivo:acs100_firmware:6.2.4.2
Brivo » Acs100 Firmware » Version: 6.2.4.3

cpe:2.3:o:brivo:acs100_firmware:6.2.4.3
Brivo » Acs300 Firmware » Version: 5.2.4

cpe:2.3:o:brivo:acs300_firmware:5.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6260

Products

Pricing

Contact Us