WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the sys_smb_pwdmod function.
References
Link | Resource |
---|---|
https://sore-pail-31b.notion.site/command-injection-WFS-SR03-7cddf0ac85e54f8ba81d9b26b00ca5cd | Exploit Third Party Advisory |
Configurations
History
19 Apr 2023, 19:29
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://sore-pail-31b.notion.site/command-injection-WFS-SR03-7cddf0ac85e54f8ba81d9b26b00ca5cd - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:h:iodata:wfs-sr03k:-:*:*:*:*:*:*:* cpe:2.3:h:iodata:wfs-sr03w:-:*:*:*:*:*:*:* cpe:2.3:o:iodata:wfs-sr03k_firmware:1.03:*:*:*:*:*:*:* cpe:2.3:o:iodata:wfs-sr03w_firmware:1.03:*:*:*:*:*:*:* |
|
First Time |
Iodata wfs-sr03w Firmware
Iodata wfs-sr03k Iodata wfs-sr03w Iodata Iodata wfs-sr03k Firmware |
|
CWE | CWE-78 |
14 Apr 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-14 14:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-29804
Mitre link : CVE-2023-29804
CVE.ORG link : CVE-2023-29804
JSON object : View
Products Affected
iodata
- wfs-sr03k
- wfs-sr03w
- wfs-sr03w_firmware
- wfs-sr03k_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')