Vulnerabilities > CVE-2023-46510 - Unspecified vulnerability in Zioncom A7000R Firmware 4.1Cu.4154

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

zioncom

critical

NVD

Published: 2023-10-27

Updated: 2023-11-08

Summary

An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to execute arbitrary code via the cig-bin/cstecgi.cgi to the settings/setPasswordCfg function.

Vulnerable Configurations

Part	Description	Count
OS	Zioncom Zioncom A7000R Firmware 4.1Cu.4154	1
Hardware	Zioncom Zioncom A7000R -	1

References

https://gist.github.com/ATonysan/58ace23d539981441bca16ce0f7585e2