CVE-2023-32349

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-15
View all →

Vulnerability Description

Version 00.07.03.4 and prior of Teltonika’s RUT router firmware contain a packet dump utility that contains proper validation for filter parameters. However, variables for validation checks are stored in an external configuration file. An authenticated attacker could use an exposed UCI configuration utility to change these variables and enable malicious parameters in the dump utility, which could result in arbitrary code execution.

Related Vulnerabilities

CVE-2021-27406

HIGH
CVSS:8.8(High)

An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into i...

CWE-152021

CVE-2023-3321

HIGH
CVSS:8.8(High)

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially craf...

CWE-152023

CVE-2023-46248

HIGH
CVSS:8.8(High)

Cody is an artificial intelligence (AI) coding assistant. The Cody AI VSCode extension versions 0.10.0 through 0.14.0 are vulnerable to Remote Code Execution under certain conditions. An attacker in c...

CWE-152023

CVE-2023-4704

HIGH
CVSS:8.8(High)

External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git.

CWE-152023

CVE-2024-10979

HIGH
CVSS:8.8(High)

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbit...

CWE-152024

CVE-2021-38453

CRITICAL
CVSS:9.1(Critical)

Some API functions allow interaction with the registry, which includes reading values as well as data modification.

CWE-152021