CVE-2023-43752

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Nov 16, 2023
Updated: Nov 29, 2023
CWE ID 78

Summary

CVE-2023-43752 is a critical vulnerability affecting WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier wireless control systems. This OS command injection issue enables network-adjacent authenticated users to execute arbitrary operating system commands by crafting specific requests. Successful exploitation could result in significant security implications, including unauthorized system access and data theft. Users are advised to update their systems as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share