Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered user input resulting in Remote Code Execution (RCE) with SCPI interface or web server.
References
Link | Resource |
---|---|
https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md | Exploit Mitigation Third Party Advisory |
https://siglent.com | Product |
https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md | Exploit Mitigation Third Party Advisory |
https://siglent.com | Product |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 07:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md - Exploit, Mitigation, Third Party Advisory | |
References | () https://siglent.com - Product |
28 Jun 2023, 17:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:siglent:sds1204x-e_firmware:6.1.37r9.ads:*:*:*:*:*:*:* cpe:2.3:h:siglent:sds1074x-e:-:*:*:*:*:*:*:* cpe:2.3:h:siglent:sds1104x-e:-:*:*:*:*:*:*:* cpe:2.3:o:siglent:sds1104x-e_firmware:6.1.37r9.ads:*:*:*:*:*:*:* cpe:2.3:o:siglent:sds1074x-e_firmware:6.1.37r9.ads:*:*:*:*:*:*:* cpe:2.3:h:siglent:sds1204x-e:-:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
First Time |
Siglent
Siglent sds1104x-e Firmware Siglent sds1104x-e Siglent sds1074x-e Firmware Siglent sds1074x-e Siglent sds1204x-e Siglent sds1204x-e Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | (MISC) https://siglent.com - Product | |
References | (MISC) https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md - Exploit, Mitigation, Third Party Advisory |
14 Jun 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-14 17:15
Updated : 2024-11-21 07:49
NVD link : CVE-2023-25367
Mitre link : CVE-2023-25367
CVE.ORG link : CVE-2023-25367
JSON object : View
Products Affected
siglent
- sds1204x-e
- sds1074x-e_firmware
- sds1074x-e
- sds1204x-e_firmware
- sds1104x-e_firmware
- sds1104x-e
CWE