CVE-2023-38829
Published: 11 September 2023
Summary
CVE-2023-38829 is a high-severity Command Injection (CWE-77) vulnerability in Netis-Systems Wf2409E Firmware. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 4.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-38829 is a command injection vulnerability, identified as CWE-77, that affects the diagnostic tools component of the NETIS SYSTEMS WF2409E wireless router running firmware version 3.6.42541. The flaw is present in the ping and traceroute functions exposed through the admin management interface and received a CVSS 3.1 score of 8.8.
An attacker who has obtained valid administrative credentials can send specially crafted requests to these functions over the network, resulting in arbitrary code execution on the device. This grants the attacker the ability to read or modify sensitive data, alter device configuration, or leverage the router for further network attacks.
Public proof-of-concept exploit code targeting the vulnerability has been published on GitHub. The associated EPSS score stands at 0.1784 with no material rise from a lower baseline.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-42602
Vulnerability details
An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.