CVE-2023-49897
HIGHCVSS v3
8.8
HIGH
EPSS Score
33.6%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.
Technical Details
- Published
- 12/6/2023
Frequently Asked Questions
What is CVE-2023-49897?
An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.
Is CVE-2023-49897 actively exploited?
Active exploitation of CVE-2023-49897 has not been confirmed. The EPSS score is 33.6%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2023-49897?
CVE-2023-49897 has a CVSS v3 base score of 8.8 (HIGH severity).
Is CVE-2023-49897 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.