CVE-2023-38318 | OpenNDS up to 10.1.2 Configuration File os command injection

Posted by Angelo Barbosa | Jan 26, 2024 | CVE

A vulnerability has been found in OpenNDS up to 10.1.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. The manipulation leads to os command injection.

This vulnerability is known as CVE-2023-38318. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-38318 | OpenNDS up to 10.1.2 Configuration File os command injection

Related Posts

CVE-2024-50955 | Xinje XD5E-24R/XL5E-16T 3.5.3b TCP Protocol Message denial of service

CVE-2023-52454 | Linux Kernel up to 6.7.1 nvmet-tcp nvmet_tcp_build_pdu_iovec null pointer dereference

CVE-2023-41829 | Motorola Phones prior 2023-08-01 Carrier Services Application improper export of android application components

CVE-2023-34980 | QNAP QTS/QuTS hero os command injection (qsa-24-12)