CVE-2023-43477
Published: 20 September 2023
Summary
CVE-2023-43477 is a medium-severity Command Injection (CWE-77) vulnerability in Telstra Arcadyan Lh1000 Firmware. Its CVSS base score is 6.8 (Medium).
Operationally, ranked in the top 4.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The vulnerability CVE-2023-43477 is a command injection flaw (CWE-77) in the web UI of the Telstra Smart Modem Gen 2 (Arcadyan LH1000) on firmware versions prior to 0.18.15r. Specifically, the ping_from parameter in ping_tracerte.cgi is not sanitized before being passed to a system call, allowing arbitrary command execution.
An authenticated attacker with high privileges on an adjacent network can supply a malicious ping_from value to achieve command injection as root on the device, resulting in full control over the modem.
The referenced Tenable advisory at https://www.tenable.com/security/research/tra-2023-19 addresses the issue in affected firmware, with the provided version information indicating that upgrading to 0.18.15r or later resolves the improper input handling.
The EPSS score remains flat at 0.2077 with no material rise observed.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-47892
Vulnerability details
The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve…
more
command injection as root on the device.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.