HIGH🇵🇱 Wersja polska

CVE-2023-41352

CVSS 7.2v3.1pub. 2023-11-03upd. 2024-11-21

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Nokia G 040w Q

    HW
    Nokia
    wszystkie wersje
  • Nokia G 040w Q Firmware

    OS
    Nokia
    g040wqr201207
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2023-41351CRITICAL9.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated ...

CVE-2023-41355CRITICAL9.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect me...

CVE-2023-41350HIGH7.5ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authen...

CVE-2023-41353HIGH8.8ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regu...

CVE-2023-41354MEDIUM4.0ten sam produkt

Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauth...