← Volver a CVEs
CVE-2023-22581
CRITICAL9.8
Descripcion
White Rabbit Switch contains a vulnerability which makes it possible for an attacker to perform system commands under the context of the web application (the default installation makes the webserver run as the root user).
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado4/24/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
home.cern:white_rabbit_switchhome.cern:white_rabbit_switch_firmware
Debilidades (CWE)
CWE-20
Referencias
https://csirt.divd.nl/CVE-2023-22581/(csirt@divd.nl)
https://csirt.divd.nl/DIVD-2022-00068/(csirt@divd.nl)
https://vuldb.com/?id.227269(nvd@nist.gov)
https://csirt.divd.nl/CVE-2023-22581/(af854a3a-2127-422b-91ae-364da2661108)
https://csirt.divd.nl/DIVD-2022-00068/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.