CVE-2023-32350
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload.
*Credits:
Noam Moshe, Claroty Research
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-05-08 CVE Reserved
- 2023-05-22 CVE Published
- 2024-08-02 CVE Updated
- 2024-11-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08 | Government Resource |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Teltonika-networks Search vendor "Teltonika-networks" | Rut200 Firmware Search vendor "Teltonika-networks" for product "Rut200 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut200 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut200 Search vendor "Teltonika-networks" for product "Rut200" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut240 Firmware Search vendor "Teltonika-networks" for product "Rut240 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut240 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut240 Search vendor "Teltonika-networks" for product "Rut240" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut241 Firmware Search vendor "Teltonika-networks" for product "Rut241 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut241 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut241 Search vendor "Teltonika-networks" for product "Rut241" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut300 Firmware Search vendor "Teltonika-networks" for product "Rut300 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut300 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut300 Search vendor "Teltonika-networks" for product "Rut300" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut360 Firmware Search vendor "Teltonika-networks" for product "Rut360 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut360 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut360 Search vendor "Teltonika-networks" for product "Rut360" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut901 Firmware Search vendor "Teltonika-networks" for product "Rut901 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut901 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut901 Search vendor "Teltonika-networks" for product "Rut901" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut950 Firmware Search vendor "Teltonika-networks" for product "Rut950 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut950 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut950 Search vendor "Teltonika-networks" for product "Rut950" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut951 Firmware Search vendor "Teltonika-networks" for product "Rut951 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut951 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut951 Search vendor "Teltonika-networks" for product "Rut951" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut955 Firmware Search vendor "Teltonika-networks" for product "Rut955 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut955 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut955 Search vendor "Teltonika-networks" for product "Rut955" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rut956 Firmware Search vendor "Teltonika-networks" for product "Rut956 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rut956 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rut956 Search vendor "Teltonika-networks" for product "Rut956" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx08 Firmware Search vendor "Teltonika-networks" for product "Rutx08 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx08 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx08 Search vendor "Teltonika-networks" for product "Rutx08" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx09 Firmware Search vendor "Teltonika-networks" for product "Rutx09 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx09 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx09 Search vendor "Teltonika-networks" for product "Rutx09" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx10 Firmware Search vendor "Teltonika-networks" for product "Rutx10 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx10 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx10 Search vendor "Teltonika-networks" for product "Rutx10" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx11 Firmware Search vendor "Teltonika-networks" for product "Rutx11 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx11 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx11 Search vendor "Teltonika-networks" for product "Rutx11" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx12 Firmware Search vendor "Teltonika-networks" for product "Rutx12 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx12 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx12 Search vendor "Teltonika-networks" for product "Rutx12" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx14 Firmware Search vendor "Teltonika-networks" for product "Rutx14 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx14 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx14 Search vendor "Teltonika-networks" for product "Rutx14" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutx50 Firmware Search vendor "Teltonika-networks" for product "Rutx50 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutx50 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutx50 Search vendor "Teltonika-networks" for product "Rutx50" | - | - |
Safe
|
| Teltonika-networks Search vendor "Teltonika-networks" | Rutxr1 Firmware Search vendor "Teltonika-networks" for product "Rutxr1 Firmware" | >= 00.07.00 <= 00.07.03 Search vendor "Teltonika-networks" for product "Rutxr1 Firmware" and version " >= 00.07.00 <= 00.07.03" | - |
Affected
| in | Teltonika-networks Search vendor "Teltonika-networks" | Rutxr1 Search vendor "Teltonika-networks" for product "Rutxr1" | - | - |
Safe
|