CVE-2023-38029

Published Aug 28, 2023

Last updated a year ago

CVSS critical 9.8

Overview

Description: Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands or disrupt service.
Source: twcert@cert.org.tw
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

twcert@cert.org.tw: CWE-434

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:0.0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51D8D874-7C51-41E7-9689-E795DE1360D3"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:0.0.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50C72BE7-0E40-4F1A-86D6-15E8C78121C8"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:0.0.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EB5DA1F-3BED-4F23-9FA1-C65F6C59235B"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:0.0.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE08CF54-2259-40AF-B68C-F3498133F490"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:q20100602:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28AF1652-9D3F-45F6-969D-FA0D7F688F12"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:t190:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825B2F91-8AC9-4543-9BD8-26760B5F6587"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:t17041702:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "176C1D07-D975-4CF8-B54C-16366DF1C848"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100_firmware:t18051803:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA65B75F-139F-4BC6-A5AB-EA74FFE5966A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:saho:adm-100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AA638ECA-B29C-415D-99E7-217D16473C37"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:saho:adm-100fp_firmware:q20100602:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6612C85-1259-4435-BEB1-DC5ADC8D620D"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100fp_firmware:t190:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC7D1DBE-4976-47A4-951B-39B5C9B8736A"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100fp_firmware:t17041702:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9487774-CE30-4C04-B296-70B3A73225C7"
          },
          {
            "criteria": "cpe:2.3:o:saho:adm-100fp_firmware:t18051803:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0E10BD2-D64F-49F9-8409-A56AC2E0FD57"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:saho:adm-100fp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "295DF46C-15E0-47A3-8F21-A48F670C0496"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References