CVE-2023-0830

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gist.github.com/xbz0n/674af0e802efaaafe90d2f67464c2690", "name": "https://gist.github.com/xbz0n/674af0e802efaaafe90d2f67464c2690", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://github.com/xbz0n/CVE-2023-0830", "name": "https://github.com/xbz0n/CVE-2023-0830", "tags": [], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.220950", "name": "https://vuldb.com/?ctiid.220950", "tags": ["Permissions Required", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.220950", "name": "VDB-220950 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?id.220950", "name": "https://vuldb.com/?id.220950", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?id.220950", "name": "VDB-220950 | EasyNAS backup.pl system os command injection", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?submit.86683", "name": "Submit #86683 | EasyNAS 1.1.0 - Authenticated OS Command Injection", "tags": [], "refsource": ""}, {"url": "https://www.exploit-db.com/exploits/51266", "name": "https://www.exploit-db.com/exploits/51266", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}, {"lang": "en", "value": "CWE-77"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-0830", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}}, "publishedDate": "2023-02-14T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:easynas:easynas:1.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-05-01T15:16Z"}