- Description
- Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If a user logs in to CLI of the affected product, an arbitrary OS command may be executed.
- Source
- vultures@jpcert.or.jp
- NVD status
- Received
CVSS 3.0
- Type
- Secondary
- Base score
- 6.6
- Impact score
- 5.9
- Exploitability score
- 0.7
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- vultures@jpcert.or.jp
- CWE-78
- Hype score
- Not currently trending
CVE-2025-23237 OS Command Injection Vulnerability in UD-LT2 Firmware https://t.co/YaWTLLwvCv Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
22 Jan 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23237 Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If a user logs… https://t.co/VupNgKSDy9
@CVEnew
22 Jan 2025
438 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes