Vulnerability Description
In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Meinbergglobal | Lantime Firmware | < 7.06.013 |
| Meinbergglobal | Lantime M100 | - |
| Meinbergglobal | Lantime M200 | - |
| Meinbergglobal | Lantime M300 | - |
| Meinbergglobal | Lantime M400 | - |
| Meinbergglobal | Lantime M600 | - |
| Meinbergglobal | Lantime M900 | - |
Related Weaknesses (CWE)
References
- https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-202Vendor Advisory
- https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-202Vendor Advisory
FAQ
What is CVE-2023-1731?
CVE-2023-1731 is a vulnerability with a CVSS score of 7.2 (HIGH). In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to...
How severe is CVE-2023-1731?
CVE-2023-1731 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1731?
Check the references section above for vendor advisories and patch information. Affected products include: Meinbergglobal Lantime Firmware, Meinbergglobal Lantime M100, Meinbergglobal Lantime M200, Meinbergglobal Lantime M300, Meinbergglobal Lantime M400.