CVE-2023-45466

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 13, 2023
Updated: Oct 16, 2023
CWE ID 77

Summary

CVE-2023-45466 is a command injection vulnerability discovered in the Netis N3Mv2-V1.0.1.865 product, specifically in the WPS Settings through the pin_host parameter. The vulnerability has a base severity rating of CRITICAL with a base score of 9.8 according to NIST's National Vulnerability Database (NVD). It poses a high risk to organizations as it has a high impact on confidentiality and integrity, and can be exploited remotely without requiring any privileges or user interaction. The vulnerability falls under CWE-77, which is the improper neutralization of special elements used in a command (command injection). To mitigate this vulnerability, it is crucial to apply appropriate patches or updates provided by the vendor as soon as they become available.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45466 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options