CVE-2023-40146 — MEDIUM (6.8)

Vulnerability Description

A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Peplink	Smart Reader Firmware	1.2.0
Peplink	Smart Reader	-

Related Weaknesses (CWE)

CWE-798 CWE-77

References

https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-Vendor Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868ExploitThird Party Advisory
https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-Vendor Advisory
https://security.netapp.com/advisory/ntap-20240822-0008/Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1868ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1868

FAQ

What is CVE-2023-40146?

CVE-2023-40146 is a vulnerability with a CVSS score of 6.8 (MEDIUM). A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and e...

How severe is CVE-2023-40146?

CVE-2023-40146 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-40146?

Check the references section above for vendor advisories and patch information. Affected products include: Peplink Smart Reader Firmware, Peplink Smart Reader.