CVE-2023-49897

Summary

An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.

Affected Software

VendorProductVersion RangeStatus
FXC Inc.AE1021PE2.0.9 and earlieraffected
FXC Inc.AE10212.0.9 and earlieraffected

Weaknesses

  • OS command injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References