CVE-2023-25643 - OpenCVE

There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zte	Mc801a Mc801a1 Mc801a1 Firmware Mc801a Firmware

Configuration 1 [-]

AND

cpe:2.3:o:zte:mc801a_firmware:mc801a_elisa3_b19:*:*:*:*:*:*:*

cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:zte:mc801a1_firmware:mc801a1_elisa1_b04:*:*:*:*:*:*:*

cpe:2.3:h:zte:mc801a1:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504

History

No history.

MITRE

Status: PUBLISHED

Assigner: zte

Published: 2023-12-14T07:19:08.757Z

Updated: 2024-08-28T14:10:23.264Z

Reserved: 2023-02-09T19:47:48.022Z

Link: CVE-2023-25643

Vulnrichment

Updated: 2024-08-02T11:25:19.324Z

NVD

Status : Analyzed

Published: 2023-12-14T08:15:38.357

Modified: 2023-12-18T20:09:13.630

Link: CVE-2023-25643

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25643", "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb", "state": "PUBLISHED", "assignerShortName": "zte", "dateReserved": "2023-02-09T19:47:48.022Z", "datePublished": "2023-12-14T07:19:08.757Z", "dateUpdated": "2024-08-28T14:10:23.264Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "MC801A", "vendor": "ZTE", "versions": [{"lessThanOrEqual": "B19", "status": "affected", "version": "MC801A_Elisa3_B19", "versionType": "B19"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "MC801A1", "vendor": "ZTE", "versions": [{"lessThanOrEqual": "B04", "status": "affected", "version": "MC801A1_Elisa1_B04", "versionType": "B04"}]}], "datePublic": "2023-08-24T07:09:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\nThere is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\n\n"}], "value": "\n\n\nThere is a command injection vulnerability in some ZTE mobile internet\u00a0products. Due to insufficient input\u00a0validation of\u00a0multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-248", "descriptions": [{"lang": "en", "value": "CAPEC-248 Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "6786b568-6808-4982-b61f-398b0d9679eb", "shortName": "zte", "dateUpdated": "2023-12-14T07:19:08.757Z"}, "references": [{"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">MC801A_Elisa3_B22, \n\n<span style=\"background-color: rgb(255, 255, 255);\">MC801A1_Elisa1_B06</span>\n\n</span><br>"}], "value": "\nMC801A_Elisa3_B22,\u00a0\n\nMC801A1_Elisa1_B06\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Two Vulnerabilities in Some ZTE Mobile Internet Products", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:25:19.324Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "zte", "product": "mc801a", "cpes": ["cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "mc801a_elisa3_b19", "status": "affected", "lessThanOrEqual": "b19", "versionType": "custom"}, {"version": "mc801a1_elisa1_b04", "status": "affected", "lessThanOrEqual": "b04", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-28T14:06:02.163506Z", "id": "CVE-2023-25643", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T14:10:23.264Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:25:19.324Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-25643", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-28T14:06:02.163506Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*"], "vendor": "zte", "product": "mc801a", "versions": [{"status": "affected", "version": "mc801a_elisa3_b19", "versionType": "custom", "lessThanOrEqual": "b19"}, {"status": "affected", "version": "mc801a1_elisa1_b04", "versionType": "custom", "lessThanOrEqual": "b04"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T14:07:56.680Z"}}], "cna": {"title": "Two Vulnerabilities in Some ZTE Mobile Internet Products", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-248", "descriptions": [{"lang": "en", "value": "CAPEC-248 Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ZTE", "product": "MC801A", "versions": [{"status": "affected", "version": "MC801A_Elisa3_B19", "versionType": "B19", "lessThanOrEqual": "B19"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}, {"vendor": "ZTE", "product": "MC801A1", "versions": [{"status": "affected", "version": "MC801A1_Elisa1_B04", "versionType": "B04", "lessThanOrEqual": "B04"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\nMC801A_Elisa3_B22,\u00a0\n\nMC801A1_Elisa1_B06\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">MC801A_Elisa3_B22, \n\n<span style=\"background-color: rgb(255, 255, 255);\">MC801A1_Elisa1_B06</span>\n\n</span><br>", "base64": false}]}], "datePublic": "2023-08-24T07:09:00.000Z", "references": [{"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\n\n\nThere is a command injection vulnerability in some ZTE mobile internet\u00a0products. Due to insufficient input\u00a0validation of\u00a0multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n\n\nThere is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "6786b568-6808-4982-b61f-398b0d9679eb", "shortName": "zte", "dateUpdated": "2023-12-14T07:19:08.757Z"}}}, "cveMetadata": {"cveId": "CVE-2023-25643", "state": "PUBLISHED", "dateUpdated": "2024-08-28T14:10:23.264Z", "dateReserved": "2023-02-09T19:47:48.022Z", "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb", "datePublished": "2023-12-14T07:19:08.757Z", "assignerShortName": "zte"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zte:mc801a_firmware:mc801a_elisa3_b19:*:*:*:*:*:*:*", "matchCriteriaId": "26E81BDF-7249-4834-BE1A-F59972F3D4CE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zte:mc801a:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC8126B4-CBCF-4616-886B-E50C089D2F6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zte:mc801a1_firmware:mc801a1_elisa1_b04:*:*:*:*:*:*:*", "matchCriteriaId": "5AE44916-2BFF-44C9-B434-DC47473E3E1A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zte:mc801a1:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE626E17-D246-4A9C-8B2C-08F7760118B8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\n\n\nThere is a command injection vulnerability in some ZTE mobile internet\u00a0products. Due to insufficient input\u00a0validation of\u00a0multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en algunos productos de internet m\u00f3vil de ZTE. Debido a una validaci\u00f3n de entrada insuficiente de m\u00faltiples par\u00e1metros de red, un atacante autenticado podr\u00eda utilizar la vulnerabilidad para ejecutar comandos arbitrarios."}], "id": "CVE-2023-25643", "lastModified": "2023-12-18T20:09:13.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 6.0, "source": "psirt@zte.com.cn", "type": "Secondary"}]}, "published": "2023-12-14T08:15:38.357", "references": [{"source": "psirt@zte.com.cn", "tags": ["Vendor Advisory"], "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032504"}], "sourceIdentifier": "psirt@zte.com.cn", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "psirt@zte.com.cn", "type": "Secondary"}]}