In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/September-2023 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Sep 2023, 19:14
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://corp.mediatek.com/product-security-bulletin/September-2023 - Vendor Advisory | |
First Time |
Mediatek mt7622
Mediatek mt7915 Mediatek mt7629 Mediatek mt7603 Mediatek mt7916 Openwrt openwrt Openwrt Mediatek mt7990 Mediatek mt7986 Mediatek mt7615 Mediatek mt7612 Mediatek mt7981 Mediatek mt7626 Mediatek Mediatek mt6890 Mediatek mt7613 |
|
CPE | cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:* cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7990:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7626:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
04 Sep 2023, 03:51
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-04 03:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-20820
Mitre link : CVE-2023-20820
CVE.ORG link : CVE-2023-20820
JSON object : View
Products Affected
mediatek
- mt7916
- mt7990
- mt7613
- mt6890
- mt7615
- mt7981
- mt7626
- mt7986
- mt7629
- mt7915
- mt7603
- mt7622
- mt7612
openwrt
- openwrt
CWE