CVE-2023-36143 — HIGH (8.8)

Vulnerability Description

Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Maxprintisp	Maxlink 1200G Firmware	3.4.11e
Maxprintisp	Maxlink 1200G	-

Related Weaknesses (CWE)

CWE-78

References

http://maxlink.comNot Applicable
https://github.com/leonardobg/CVE-2023-36143ExploitThird Party Advisory
http://maxlink.comNot Applicable
https://github.com/leonardobg/CVE-2023-36143ExploitThird Party Advisory

FAQ

What is CVE-2023-36143?

CVE-2023-36143 is a vulnerability with a CVSS score of 8.8 (HIGH). Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device.

How severe is CVE-2023-36143?

CVE-2023-36143 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-36143?

Check the references section above for vendor advisories and patch information. Affected products include: Maxprintisp Maxlink 1200G Firmware, Maxprintisp Maxlink 1200G.