CVE-2023-41352

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nokia:g-040w-q_firmware:g040wqr201207:*:*:*:*:*:*:*
cpe:2.3:h:nokia:g-040w-q:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:21

Type Values Removed Values Added
References () https://www.twcert.org.tw/tw/cp-132-7502-287ec-1.html - Third Party Advisory () https://www.twcert.org.tw/tw/cp-132-7502-287ec-1.html - Third Party Advisory

13 Nov 2023, 19:31

Type Values Removed Values Added
CPE cpe:2.3:o:nokia:g-040w-q_firmware:g040wqr201207:*:*:*:*:*:*:*
cpe:2.3:h:nokia:g-040w-q:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.2
First Time Nokia
Nokia g-040w-q
Nokia g-040w-q Firmware
CWE CWE-78
References (MISC) https://www.twcert.org.tw/tw/cp-132-7502-287ec-1.html - (MISC) https://www.twcert.org.tw/tw/cp-132-7502-287ec-1.html - Third Party Advisory

03 Nov 2023, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-03 06:15

Updated : 2024-11-21 08:21


NVD link : CVE-2023-41352

Mitre link : CVE-2023-41352

CVE.ORG link : CVE-2023-41352


JSON object : View

Products Affected

nokia

  • g-040w-q_firmware
  • g-040w-q
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')