Vulnerabilities (CVE)

Filtered by vendor Rigol Subscribe
Filtered by product Mso5000
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-38379 1 Rigol 2 Mso5000, Mso5000 Firmware 2024-11-21 N/A 7.5 HIGH
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to change the admin password via a zero-length pass0 to the webcontrol changepwd.cgi application, i.e., the entered password only needs to match the first zero characters of the saved password.
CVE-2023-38378 1 Rigol 2 Mso5000, Mso5000 Firmware 2024-11-21 N/A 9.8 CRITICAL
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application.