CVE-2023-27826

SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem() function.
References
Link Resource
https://pastebin.com/raw/buhVV7iL Exploit Third Party Advisory
https://usermanual.wiki/SEOWON-INTECH/SWC5100W Product
https://www.exploit-db.com/exploits/51311 Exploit Third Party Advisory VDB Entry
https://pastebin.com/raw/buhVV7iL Exploit Third Party Advisory
https://usermanual.wiki/SEOWON-INTECH/SWC5100W Product
https://www.exploit-db.com/exploits/51311 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:seowonintech:swc-5100w_firmware:1.9.9.4:*:*:*:*:*:*:*
cpe:2.3:o:seowonintech:swc-5100w_firmware:1.11.0.1:*:*:*:*:*:*:*
cpe:2.3:h:seowonintech:swc-5100w:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:53

Type Values Removed Values Added
References () https://pastebin.com/raw/buhVV7iL - Exploit, Third Party Advisory () https://pastebin.com/raw/buhVV7iL - Exploit, Third Party Advisory
References () https://usermanual.wiki/SEOWON-INTECH/SWC5100W - Product () https://usermanual.wiki/SEOWON-INTECH/SWC5100W - Product
References () https://www.exploit-db.com/exploits/51311 - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/51311 - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2023-04-12 13:15

Updated : 2024-11-21 07:53


NVD link : CVE-2023-27826

Mitre link : CVE-2023-27826

CVE.ORG link : CVE-2023-27826


JSON object : View

Products Affected

seowonintech

  • swc-5100w_firmware
  • swc-5100w
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')