Vulnerabilities > CVE-2023-29711 - Unspecified vulnerability in Interlink Psg-5124 Firmware 1.0.4

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

interlink

critical

NVD

Published: 2023-06-22

Updated: 2024-12-12

Summary

An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via crafted GET request.

Vulnerable Configurations

Part	Description	Count
OS	Interlink Interlink PSG 5124 Firmware 1.0.4	1
Hardware	Interlink Interlink PSG 5124 -	1

References

https://github.com/shellpei/LINK-Unauthorized/blob/main/CVE-2023-29711
https://github.com/shellpei/LINK-Unauthorized/blob/main/CVE-2023-29711
https://holistic-height-e6d.notion.site/LINK-PSG-5124-Switch-remote-command-vulnerability-da4fd8fb450d42879b07ef3a953a2366
https://holistic-height-e6d.notion.site/LINK-PSG-5124-Switch-remote-command-vulnerability-da4fd8fb450d42879b07ef3a953a2366