CVE-2023-0862 - OpenCVE

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netmodule	Nb1601 Nb1800 Nb1810 Nb2800 Nb2810 Nb3701 Nb3800 Nb800 Netmodule Router Software Ng800

Configuration 1 [-]

AND

OR	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::

OR	cpe:2.3:h:netmodule:nb1601:-:::::::*
	cpe:2.3:h:netmodule:nb1800:-:::::::*
	cpe:2.3:h:netmodule:nb1810:-:::::::*
	cpe:2.3:h:netmodule:nb2800:-:::::::*
	cpe:2.3:h:netmodule:nb2810:-:::::::*
	cpe:2.3:h:netmodule:nb3701:-:::::::*
	cpe:2.3:h:netmodule:nb3800:-:::::::*
	cpe:2.3:h:netmodule:nb800:-:::::::*
	cpe:2.3:h:netmodule:ng800:-:::::::*

No data.

References

Link	Providers
https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/
https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: ONEKEY

Published: 2023-02-16T09:07:09.930Z

Updated: 2024-08-02T05:24:34.659Z

Reserved: 2023-02-16T09:01:36.192Z

Link: CVE-2023-0862

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-16T10:15:11.983

Modified: 2023-11-07T04:01:44.163

Link: CVE-2023-0862

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0862", "assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846", "state": "PUBLISHED", "assignerShortName": "ONEKEY", "dateReserved": "2023-02-16T09:01:36.192Z", "datePublished": "2023-02-16T09:07:09.930Z", "dateUpdated": "2024-08-02T05:24:34.659Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["web administration interface"], "product": "NSRW", "vendor": "NetModule", "versions": [{"lessThan": "4.3.0.119", "status": "affected", "version": "4.3.0.0", "versionType": "4.3.0.119"}, {"lessThan": "4.4.0.118", "status": "affected", "version": "4.4.0.0", "versionType": "4.4.0.118"}, {"lessThan": "4.6.0.105", "status": "affected", "version": "4.6.0.0", "versionType": "4.6.0.105"}, {"lessThan": "4.7.0.103", "status": "affected", "version": "4.7.0.0", "versionType": "4.7.0.103"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Quentin Kaiser from ONEKEY Research Labs"}], "datePublic": "2023-02-16T09:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.<br><br>This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.<br>"}], "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.\n\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2d533b80-6e4a-4e20-93e2-171235122846", "shortName": "ONEKEY", "dateUpdated": "2023-02-21T08:24:22.762Z"}, "references": [{"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf"}, {"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/"}], "source": {"discovery": "EXTERNAL"}, "title": "Path Traversal in NetModule NSRW", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:24:34.659Z"}, "title": "CVE Program Container", "references": [{"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf", "tags": ["x_transferred"]}, {"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA6AD24E-E27F-4078-8066-AB0E0D1CAA33", "versionEndExcluding": "4.3.0.119", "versionStartIncluding": "4.3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8000F0E9-A55B-472E-B71E-20097FC15C58", "versionEndExcluding": "4.4.0.118", "versionStartIncluding": "4.4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFFBFAD7-53CB-4755-A338-2FE945B3689F", "versionEndExcluding": "4.6.0.105", "versionStartIncluding": "4.6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "B543F356-8395-4F7E-A3C8-1A5DB362533C", "versionEndExcluding": "4.7.0.103", "versionStartIncluding": "4.7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netmodule:nb1601:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C90BC32-C405-4178-B944-9CF39C212C46", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb1800:-:*:*:*:*:*:*:*", "matchCriteriaId": "A80AE348-C415-4B5F-B359-26E2F2A132F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb1810:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3CF8E81-2EB5-4CDC-9FC9-CEAF4E1E7514", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb2800:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFF579A1-A31C-47F3-912A-43F5B4894497", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb2810:-:*:*:*:*:*:*:*", "matchCriteriaId": "41310FAF-CD23-4126-942D-DA950A96DF3E", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb3701:-:*:*:*:*:*:*:*", "matchCriteriaId": "962F7AFA-76A3-4F83-AA2C-AB168C644104", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb3800:-:*:*:*:*:*:*:*", "matchCriteriaId": "7120564A-4FE0-403E-A976-9658A665E51A", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb800:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B550124-772B-4384-BA89-72B68E01F61E", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:ng800:-:*:*:*:*:*:*:*", "matchCriteriaId": "0408E588-146F-4AD2-9D58-A12EBA83A697", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.\n\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n"}], "id": "CVE-2023-0862", "lastModified": "2023-11-07T04:01:44.163", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "research@onekey.com", "type": "Secondary"}]}, "published": "2023-02-16T10:15:11.983", "references": [{"source": "research@onekey.com", "tags": ["Third Party Advisory"], "url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/"}, {"source": "research@onekey.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf"}], "sourceIdentifier": "research@onekey.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "research@onekey.com", "type": "Secondary"}]}