CVE-2023-26213

On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.
Configurations

Configuration 1

AND
cpe:2.3:o:barracuda:t100b_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t100b:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:barracuda:t200c_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t200c:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:barracuda:t400c_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t400c:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:barracuda:t600d_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t600d:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:barracuda:t900b_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t900b:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:barracuda:t93a_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t93a:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:barracuda:t193a_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t193a:-:*:*:*:*:*:*:*

History

10 Mar 2023, 14:53

Type: CVSS
Values Removed: v2 : unknown; v3 : unknown
Values Added: v2 : unknown; v3 : 7.2

Type: CPE
Values Removed: (none)
Values Added:
cpe:2.3:h:barracuda:t900b:-:*:*:*:*:*:*:*
cpe:2.3:o:barracuda:t193a_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t193a:-:*:*:*:*:*:*:*
cpe:2.3:o:barracuda:t100b_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:o:barracuda:t93a_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t100b:-:*:*:*:*:*:*:*
cpe:2.3:o:barracuda:t900b_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:o:barracuda:t400c_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:h:barracuda:t400c:-:*:*:*:*:*:*:*
cpe:2.3:h:barracuda:t600d:-:*:*:*:*:*:*:*
cpe:2.3:h:barracuda:t93a:-:*:*:*:*:*:*:*
cpe:2.3:h:barracuda:t200c:-:*:*:*:*:*:*:*
cpe:2.3:o:barracuda:t200c_firmware:8.3.1:-:*:*:*:*:*:*
cpe:2.3:o:barracuda:t600d_firmware:8.3.1:-:*:*:*:*:*:*

Type: CWE
Values Removed: (none)
Values Added: CWE-78

Type: First Time
Values Removed: (none)
Values Added:
Barracuda t900b Firmware
Barracuda t900b
Barracuda t100b Firmware
Barracuda t400c Firmware
Barracuda t93a Firmware
Barracuda
Barracuda t200c
Barracuda t93a
Barracuda t200c Firmware
Barracuda t600d
Barracuda t400c
Barracuda t600d Firmware
Barracuda t100b
Barracuda t193a
Barracuda t193a Firmware

Type: References
Values Removed: (CONFIRM) https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/ -
Values Added: (CONFIRM) https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/ - Release Notes

Type: References
Values Removed: (FULLDISC) http://seclists.org/fulldisclosure/2023/Mar/2 -
Values Added: (FULLDISC) http://seclists.org/fulldisclosure/2023/Mar/2 - Exploit, Mailing List, Third Party Advisory

Type: References
Values Removed: (MISC) https://sec-consult.com/vulnerability-lab/advisory/os-command-injection-in-barracuda-cloudgen-wan/ -
Values Added: (MISC) https://sec-consult.com/vulnerability-lab/advisory/os-command-injection-in-barracuda-cloudgen-wan/ - Exploit, Third Party Advisory

Type: References
Values Removed: (MISC) https://www.barracuda.com/products/network-security/cloudgen-wan -
Values Added: (MISC) https://www.barracuda.com/products/network-security/cloudgen-wan - Product

03 Mar 2023, 22:15

Type: New CVE

Information

Published : 2023-03-03 22:15

Updated : 2023-12-10 14:48


NVD link : CVE-2023-26213

Mitre link : CVE-2023-26213

CVE.ORG link : CVE-2023-26213



Products Affected

barracuda

  • t100b_firmware
  • t400c
  • t100b
  • t600d_firmware
  • t93a_firmware
  • t200c_firmware
  • t193a_firmware
  • t400c_firmware
  • t193a
  • t900b_firmware
  • t93a
  • t600d
  • t200c
  • t900b
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')