CVE-2023-32350 is a high-severity OS Command Injection (CWE-78) vulnerability in Teltonika-Networks Rut200 Firmware. Its CVSS base score is 8.0 (High).
Operationally, ranked in the top 24.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing…
more
a package with a malicious name that contains an OS command injection payload.
Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.