A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system.
Metrics
Affected Vendors & Products
References
History
Wed, 04 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Hitachi Energy
Published: 2023-06-28T16:15:46.529Z
Updated: 2024-12-04T20:57:56.402Z
Reserved: 2023-05-10T10:31:57.900Z
Link: CVE-2023-2625
Vulnrichment
Updated: 2024-08-02T06:26:09.908Z
NVD
Status : Modified
Published: 2023-06-28T17:15:10.627
Modified: 2024-11-21T07:58:57.377
Link: CVE-2023-2625
Redhat
No data.