Vulnerabilities > CVE-2023-32350 - Unspecified vulnerability in Teltonika-Networks products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
teltonika-networks

Summary

Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload.

Vulnerable Configurations

Part Description Count
OS
Teltonika-Networks
36
Hardware
Teltonika-Networks
18