Search criteria
2 vulnerabilities found for FDS102 for FAdC/FAdCi by Frauscher
CVE-2023-5500 (GCVE-0-2023-5500)
Vulnerability from cvelistv5 – Published: 2023-12-11 07:13 – Updated: 2024-08-02 07:59
VLAI?
Title
Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability
Summary
This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code ('Code Injection') to gain full control of the affected device.
Severity ?
8.8 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Frauscher | FDS102 for FAdC/FAdCi |
Affected:
2.10.0 , ≤ 2.10.1
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FDS102 for FAdC/FAdCi",
"vendor": "Frauscher",
"versions": [
{
"lessThanOrEqual": "2.10.1",
"status": "affected",
"version": "2.10.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
}
],
"value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T07:13:51.308Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
}
],
"source": {
"advisory": "VDE-2023-049",
"defect": [
"CERT@VDE#64600"
],
"discovery": "UNKNOWN"
},
"title": "Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-5500",
"datePublished": "2023-12-11T07:13:51.308Z",
"dateReserved": "2023-10-10T13:52:02.969Z",
"dateUpdated": "2024-08-02T07:59:44.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5500 (GCVE-0-2023-5500)
Vulnerability from nvd – Published: 2023-12-11 07:13 – Updated: 2024-08-02 07:59
VLAI?
Title
Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability
Summary
This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code ('Code Injection') to gain full control of the affected device.
Severity ?
8.8 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Frauscher | FDS102 for FAdC/FAdCi |
Affected:
2.10.0 , ≤ 2.10.1
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FDS102 for FAdC/FAdCi",
"vendor": "Frauscher",
"versions": [
{
"lessThanOrEqual": "2.10.1",
"status": "affected",
"version": "2.10.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
}
],
"value": "This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code (\u0027Code Injection\u0027) to gain full control of the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-11T07:13:51.308Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-049/"
}
],
"source": {
"advisory": "VDE-2023-049",
"defect": [
"CERT@VDE#64600"
],
"discovery": "UNKNOWN"
},
"title": "Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-5500",
"datePublished": "2023-12-11T07:13:51.308Z",
"dateReserved": "2023-10-10T13:52:02.969Z",
"dateUpdated": "2024-08-02T07:59:44.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}