
CVE-2023-52163

Severity: High · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 03 February 2025
Modified: 24 December 2025
KEV added: 22 December 2025
CVSS v3.1 score: 8.8 (High), vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS score: 0.7266 (98.8th percentile)
Risk priority: 81 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-52163 is a high-severity Missing Authorization (CWE-862) vulnerability in Digiever DS-2105 Pro firmware. Its CVSS base score is 8.8 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 1.2% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SA-22 (Unsupported System Components).

Deeper analysis

CVE-2023-52163 is a command injection vulnerability in the time_tzsetup.cgi endpoint of Digiever DS-2105 Pro devices running firmware version 3.1.0.71-11. The record classifies the flaw as missing authorization (CWE-862): the endpoint processes user-supplied input without an adequate authorization check. The vendor has stated that the affected products are no longer supported.

An attacker with low-privileged network access can supply crafted parameters to the CGI script and execute arbitrary commands on the device. Successful exploitation yields full control over confidentiality, integrity, and availability of the affected system, consistent with the CVSS 8.8 rating.

Public advisories from Akamai, TXOne, and Fortinet document the issue and note the lack of vendor patches for unsupported hardware, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog. The EPSS score rose sharply from low values after disclosure to a peak of 0.7554 in April 2026 before receding to the current 0.7266, indicating sustained post-disclosure exploitation interest against these IoT devices.


Vulnerability details

Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CWE(s): CWE-862 (Missing Authorization)
KEV date added: 22 December 2025

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.004 Unix Shell (Execution): Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

Command injection in publicly exposed CGI endpoint enables remote arbitrary Unix shell command execution on the device.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-6205 (shared CWE-862; both on KEV)
CVE-2025-20362 (shared CWE-862; both on KEV)
CVE-2025-46811 (shared CWE-862)
CVE-2023-7317 (shared CWE-862)
CVE-2024-57726 (shared CWE-862; both on KEV)
CVE-2026-45209 (shared CWE-862)
CVE-2026-25026 (shared CWE-862)
CVE-2026-42083 (shared CWE-862)
CVE-2026-0656 (shared CWE-862)
CVE-2026-24532 (shared CWE-862)

Affected Assets

Digiever DS-2105 Pro firmware, version 3.1.0.71-11
Digiever DS-2105 Pro+ firmware, version 3.1.0.71-11

Mitigating Controls (NIST 800-53 r5) [AI]

SA-22 Unsupported System Components (prevent): Prohibits use of unsupported system components like the end-of-support Digiever DS-2105 Pro devices, eliminating exposure to this unpatchable command injection vulnerability.

AC-3 Access Enforcement (prevent): Enforces approved authorizations for access to the time_tzsetup.cgi endpoint, directly countering the missing authorization (CWE-862) that enables low-privileged attackers to inject commands.

Input validation (prevent): Validates inputs to the time_tzsetup.cgi component to detect and reject command injection payloads, preventing arbitrary command execution.
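The two preventive controls above (access enforcement on the CGI endpoint and input validation of its parameters) and the detection side of the KEV listing can be illustrated in a few dozen lines. The block below is an added example written for this page; it is not code from the advisory, from Digiever, or from any vendor named above. Everything device-specific in it is an assumption: the parameter name `tz`, the Common Log Format access-log layout with the authenticated user in the third field, the `/cgi-bin/` path prefix, and the small `KNOWN_ZONES` table (a real handler would build the allow-list from the firmware's own zoneinfo directory). The sample log lines are constructed and use RFC 5737 documentation addresses.

```python
"""
Added example for this advisory page (not code from the page, from Digiever,
or from any named advisory vendor): two defender-side checks for a CGI
timezone endpoint such as time_tzsetup.cgi.

Assumptions, all hypothetical and not stated on the page:
  * the endpoint reads a single query parameter named `tz`;
  * the device (or a reverse proxy in front of it) writes Common Log Format
    access logs, with the authenticated user in the third field;
  * KNOWN_ZONES is a small constructed subset of IANA zone names.
"""
import re
from typing import Optional
from urllib.parse import urlsplit, parse_qs

# --- 1. Allow-list validation for the timezone parameter --------------------
# Constructed subset of valid zone names (assumption, see module docstring).
KNOWN_ZONES = frozenset({
    "UTC", "Europe/London", "Europe/Berlin",
    "America/New_York", "Asia/Tokyo", "Etc/GMT+5",
})
# Zone names look like Area/Location[/Sub]; letters, digits, '_', '+', '-' only.
TZ_SYNTAX = re.compile(r"[A-Za-z][A-Za-z0-9_+\-]*(?:/[A-Za-z0-9_+\-]+){0,2}")


def validate_tz(value: str) -> bool:
    """True only if `value` is syntactically a zone name AND in the allow-list.

    Shell metacharacters (';', '|', '`', '$', ...) can never pass TZ_SYNTAX, so
    a handler that only acts on validated values has no string to inject into.
    """
    if not isinstance(value, str) or not 0 < len(value) <= 64:
        return False
    if TZ_SYNTAX.fullmatch(value) is None:
        return False
    return value in KNOWN_ZONES


# --- 2. Detection over access-log lines -------------------------------------
SHELL_META = re.compile(r"[;|&`$(){}<>\r\n]")
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)


def inspect_log_line(line: str) -> Optional[dict]:
    """Return findings for one request to time_tzsetup.cgi, or None if the
    line is not such a request (or does not parse)."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    target = urlsplit(m.group("target"))
    if not target.path.endswith("/time_tzsetup.cgi"):
        return None
    findings = []
    if m.group("user") == "-":
        # CWE-862: the endpoint was reached without an authenticated identity.
        findings.append("unauthenticated-request")
    # parse_qs percent-decodes values, so an encoded %3B is examined as ';'.
    for key, values in parse_qs(target.query, keep_blank_values=True).items():
        for v in values:
            if SHELL_META.search(v):
                findings.append(f"shell-metachar:{key}")
            elif key == "tz" and not validate_tz(v):
                findings.append(f"unknown-zone:{key}")
    return {"ip": m.group("ip"), "status": int(m.group("status")),
            "findings": findings}


def scan_log(lines) -> list:
    """Return the inspected entries that carry at least one finding."""
    results = []
    for line in lines:
        r = inspect_log_line(line)
        if r and r["findings"]:
            results.append(r)
    return results


# Constructed sample log lines (not real traffic); RFC 5737 documentation IPs.
SAMPLE_LOG = [
    '192.0.2.10 - admin [03/Feb/2025:10:00:00 +0000] "GET /cgi-bin/time_tzsetup.cgi?tz=Europe%2FBerlin HTTP/1.1" 200 512',
    '192.0.2.10 - admin [03/Feb/2025:10:01:00 +0000] "GET /cgi-bin/time_tzsetup.cgi?tz=Mars%2FOlympus HTTP/1.1" 200 512',
    '198.51.100.7 - - [03/Feb/2025:10:02:00 +0000] "GET /cgi-bin/time_tzsetup.cgi?tz=UTC%3Bcommand HTTP/1.1" 200 0',
    '198.51.100.7 - - [03/Feb/2025:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Two design points are worth noting. The validator is an allow-list, not a deny-list of metacharacters: a value is accepted only if it is both well-formed and a known zone, so the handler never has to sanitize a string before using it. The log check layers the two controls the page names: a request from no authenticated user is flagged on its own (the access-enforcement gap), and a parameter carrying shell metacharacters or an unknown zone is flagged independently (the input-validation gap), so either failure produces an alert even when the other control is working.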
