CVE-2023-43478

fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.tenable.com/security/research/tra-2023-19	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:telstra:arcadyan_lh1000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:telstra:arcadyan_lh1000:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-09-20 14:15

Updated : 2023-09-22 18:36

NVD link : CVE-2023-43478

Mitre link : CVE-2023-43478

CVE.ORG link : CVE-2023-43478

JSON object : View

Products Affected

telstra

arcadyan_lh1000_firmware
arcadyan_lh1000

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2023-43478", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "vulnreport@tenable.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-09-20T14:15:15.127", "references": [{"url": "https://www.tenable.com/security/research/tra-2023-19", "tags": ["Exploit", "Third Party Advisory"], "source": "vulnreport@tenable.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root.\u00a0"}, {"lang": "es", "value": "fake_upload.cgi en Telstra Smart Modem Gen 2 (Arcadyan LH1000), versiones de firmware < 0.18.15r, permite a atacantes no autenticados cargar im\u00e1genes de firmware y copias de seguridad de configuraci\u00f3n, lo que podr\u00eda permitirles alterar el firmware o la configuraci\u00f3n en el dispositivo, lo que en \u00faltima instancia lleva a para ejecutar el c\u00f3digo como root."}], "lastModified": "2023-09-22T18:36:45.253", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:telstra:arcadyan_lh1000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35A4EC70-8D90-4C41-AD63-0C531644C396", "versionEndExcluding": "0.18.15r"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:telstra:arcadyan_lh1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "18BB9AA9-95B5-4EF5-B398-7B2E80991966"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vulnreport@tenable.com"}