Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-23912

Published: 09/02/2023 Updated: 17/02/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Ui

Vulnerability Summary

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and previous versions and UniFi Security Gateways (USG) Version 4.4.56 and previous versions with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhcpv6-stateful, allows a malicious actor directly connected to the WAN interface of an affected device to create a remote code execution vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ui usg_firmware

ui usg-pro-4_firmware

ui er-10x_firmware

ui er-10x_firmware 2.0.9

ui er-12_firmware

ui er-12_firmware 2.0.9

ui er-12p_firmware

ui er-12p_firmware 2.0.9

ui er-4_firmware

ui er-4_firmware 2.0.9

ui er-6p_firmware

ui er-6p_firmware 2.0.9

ui er-8-xg_firmware

ui er-8-xg_firmware 2.0.9

ui er-x_firmware

ui er-x_firmware 2.0.9

ui er-x-sfp_firmware

ui er-x-sfp_firmware 2.0.9

References

CWE-94https://community.ui.com/releases/Security-Advisory-Bulletin-028-028/696e4e3b-718c-4da4-9a21-965a85633b5fhttps://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-23-107/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook