CVE-2023-38318 | OpenNDS up to 10.1.2 Configuration File os command injection

Posted by Angelo Barbosa | Jan 26, 2024 | CVE

A vulnerability has been found in OpenNDS up to 10.1.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. The manipulation leads to os command injection.

This vulnerability is known as CVE-2023-38318. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-38318 | OpenNDS up to 10.1.2 Configuration File os command injection

Related Posts

CVE-2023-6574 | Beijing Baichuo Smart S20 up to 20231120 HTTP POST Request /sysmanage/updateos.php 1_file_upload unrestricted upload

CVE-2024-1649 | Categorify Plugin up to 1.0.7.4 on WordPress categorifyAjaxDeleteCategory authorization

CVE-2023-51454 | DJI Mavic 3 Pro Service Port 10000 libv2_sdk.so my_tcp_receive out-of-bounds write

CVE-2024-23876 | Cups Easy 1.0 URL taxstructurecreate.php cross site scripting