OS Command Injection Vulnerability in CTM-200 v2.7.1.5600 and Below
CVE-2023-47415

Currently unrated

Key Information:

Vendor: Cypress Solutions
Vendor: CVE Published:; 7 March 2024

🔔 Create Cypress Solutions Vulnerability Alert

What is CVE-2023-47415?

The CTM-200 product by Cypress Solutions contains a vulnerability that allows OS command injection through the cli_text parameter. When exploited, this vulnerability may enable an attacker to execute arbitrary commands on the host OS, leading to unauthorized access and potential system compromise. It is crucial for users of CTM-200 version 2.7.1.5600 and earlier to be aware of this issue and take necessary precautions to secure their systems.

References

http://ctm-200.com

http://cypress.com

https://gitlab.com/loudmouth-security/vulnerability-discl...

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 7, 2024

JSON