Vulnerability-Lookup

CVE-2023-49897 (GCVE-0-2023-49897)

Vulnerability from cvelistv5 – Published: 2023-12-06 06:49 – Updated: 2025-10-21 23:05

CISA KEV

Summary

An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

OS command injection

Assigner

jpcert

References

URL

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 45069dc1-11fe-4beb-aa2d-4e30e2eade59

Vulnerability ID: CVE-2023-49897

Status: Confirmed

Status Updated: 2023-12-21 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2023-12-21

Asserted: 2023-12-21

Scope

Notes: KEV entry: FXC AE1021, AE1021PE OS Command Injection Vulnerability | Affected: FXC / AE1021, AE1021PE | Description: FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-01-11 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://www.fxc.jp/news/20231206 ; https://nvd.nist.gov/vuln/detail/CVE-2023-49897

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-78
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	AE1021, AE1021PE
Due Date	2024-01-11
Date Added	2023-12-21
Vendorproject	FXC
Vulnerabilityname	FXC AE1021, AE1021PE OS Command Injection Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2023-49897

Created: 2026-02-02 12:26 UTC | Updated: 2026-02-06 07:17 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:09:48.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fxc.jp/news/20231206"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU92152057/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-49897",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-20T05:00:54.981164Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-12-21",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:05:29.972Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2023-12-21T00:00:00+00:00",
            "value": "CVE-2023-49897 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AE1021PE",
          "vendor": "FXC Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.9 and earlier"
            }
          ]
        },
        {
          "product": "AE1021",
          "vendor": "FXC Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.9 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "OS command injection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-22T04:06:04.193Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.fxc.jp/news/20231206"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU92152057/"
        },
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
        },
        {
          "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2023-49897",
    "datePublished": "2023-12-06T06:49:41.752Z",
    "dateReserved": "2023-12-01T02:30:49.222Z",
    "dateUpdated": "2025-10-21T23:05:29.972Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-49897",
      "cwes": "[\"CWE-78\"]",
      "dateAdded": "2023-12-21",
      "dueDate": "2024-01-11",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://www.fxc.jp/news/20231206 ;  https://nvd.nist.gov/vuln/detail/CVE-2023-49897",
      "product": "AE1021, AE1021PE",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network.",
      "vendorProject": "FXC",
      "vulnerabilityName": "FXC AE1021, AE1021PE OS Command Injection Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2024-01-11",
      "cisaExploitAdd": "2023-12-21",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "FXC AE1021, AE1021PE OS Command Injection Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fxc:ae1021_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.0.10\", \"matchCriteriaId\": \"4F8B5B94-BFD2-4037-B8E2-DCD4F843AD55\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:fxc:ae1021:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03B391D9-2AF4-4889-BFA3-52C11B4390C5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fxc:ae1021pe_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.0.10\", \"matchCriteriaId\": \"A110A774-F48F-4F4F-8EE0-FD17F94B8AB6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:fxc:ae1021pe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB758E1E-0CF5-4CA6-9A08-2B33BF296D67\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de inyecci\\u00f3n de comandos del sistema operativo en la versi\\u00f3n 2.0.9 y anteriores del firmware AE1021PE y en la versi\\u00f3n 2.0.9 y anteriores del firmware AE1021. Si se explota esta vulnerabilidad, un atacante puede ejecutar un comando arbitrario del sistema operativo que pueda iniciar sesi\\u00f3n en el producto.\"}]",
      "id": "CVE-2023-49897",
      "lastModified": "2024-11-21T08:33:58.940",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2023-12-06T07:15:41.883",
      "references": "[{\"url\": \"https://jvn.jp/en/vu/JVNVU92152057/\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.fxc.jp/news/20231206\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://jvn.jp/en/vu/JVNVU92152057/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.fxc.jp/news/20231206\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "vultures@jpcert.or.jp",
      "vulnStatus": "Undergoing Analysis",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-49897\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2023-12-06T07:15:41.883\",\"lastModified\":\"2025-10-24T17:01:03.800\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en la versi\u00f3n 2.0.9 y anteriores del firmware AE1021PE y en la versi\u00f3n 2.0.9 y anteriores del firmware AE1021. Si se explota esta vulnerabilidad, un atacante puede ejecutar un comando arbitrario del sistema operativo que pueda iniciar sesi\u00f3n en el producto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2023-12-21\",\"cisaActionDue\":\"2024-01-11\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"FXC AE1021, AE1021PE OS Command Injection Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fxc:ae1021_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.10\",\"matchCriteriaId\":\"4F8B5B94-BFD2-4037-B8E2-DCD4F843AD55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fxc:ae1021:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B391D9-2AF4-4889-BFA3-52C11B4390C5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fxc:ae1021pe_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.10\",\"matchCriteriaId\":\"A110A774-F48F-4F4F-8EE0-FD17F94B8AB6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fxc:ae1021pe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB758E1E-0CF5-4CA6-9A08-2B33BF296D67\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU92152057/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.fxc.jp/news/20231206\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://jvn.jp/en/vu/JVNVU92152057/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.fxc.jp/news/20231206\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.fxc.jp/news/20231206\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jvn.jp/en/vu/JVNVU92152057/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:09:48.211Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-49897\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-12-20T05:00:54.981164Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-12-21\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-12-21T00:00:00+00:00\", \"value\": \"CVE-2023-49897 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-03T16:32:49.473Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"FXC Inc.\", \"product\": \"AE1021PE\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.9 and earlier\"}]}, {\"vendor\": \"FXC Inc.\", \"product\": \"AE1021\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.9 and earlier\"}]}], \"references\": [{\"url\": \"https://www.fxc.jp/news/20231206\"}, {\"url\": \"https://jvn.jp/en/vu/JVNVU92152057/\"}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01\"}, {\"url\": \"https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"OS command injection\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2023-12-22T04:06:04.193Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-49897\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:05:29.972Z\", \"dateReserved\": \"2023-12-01T02:30:49.222Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2023-12-06T06:49:41.752Z\", \"assignerShortName\": \"jpcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-49897

Vulnerability from fkie_nvd - Published: 2023-12-06 07:15 - Updated: 2025-10-24 17:01

CISA KEV

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
vultures@jpcert.or.jp	https://jvn.jp/en/vu/JVNVU92152057/	Third Party Advisory
vultures@jpcert.or.jp	https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched	Exploit, Third Party Advisory
vultures@jpcert.or.jp	https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01	Third Party Advisory, US Government Resource
vultures@jpcert.or.jp	https://www.fxc.jp/news/20231206	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/vu/JVNVU92152057/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.fxc.jp/news/20231206	Release Notes, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897	US Government Resource

Impacted products

Vendor	Product	Version
fxc	ae1021_firmware	*
fxc	ae1021	-
fxc	ae1021pe_firmware	*
fxc	ae1021pe	-

JSON

To clipboard

{
  "cisaActionDue": "2024-01-11",
  "cisaExploitAdd": "2023-12-21",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "FXC AE1021, AE1021PE OS Command Injection Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fxc:ae1021_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F8B5B94-BFD2-4037-B8E2-DCD4F843AD55",
              "versionEndExcluding": "2.0.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fxc:ae1021:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B391D9-2AF4-4889-BFA3-52C11B4390C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fxc:ae1021pe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A110A774-F48F-4F4F-8EE0-FD17F94B8AB6",
              "versionEndExcluding": "2.0.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:fxc:ae1021pe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB758E1E-0CF5-4CA6-9A08-2B33BF296D67",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en la versi\u00f3n 2.0.9 y anteriores del firmware AE1021PE y en la versi\u00f3n 2.0.9 y anteriores del firmware AE1021. Si se explota esta vulnerabilidad, un atacante puede ejecutar un comando arbitrario del sistema operativo que pueda iniciar sesi\u00f3n en el producto."
    }
  ],
  "id": "CVE-2023-49897",
  "lastModified": "2025-10-24T17:01:03.800",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-12-06T07:15:41.883",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/vu/JVNVU92152057/"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.fxc.jp/news/20231206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://jvn.jp/en/vu/JVNVU92152057/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.fxc.jp/news/20231206"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

JVNDB-2023-009966

Vulnerability from jvndb - Published: 2023-12-07 15:09 - Updated:2023-12-25 16:54

Severity ?

8.0 (High) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

FXC wireless LAN routers "AE1021PE" and "AE1021" vulnerable to OS command injection Critical

Details

"AE1021PE" and "AE1021" provided by FXC Inc. are information outlet-based wireless LAN routers. "AE1021PE" and "AE1021" contain an OS command injection vulnerability (CWE-78). JPCERT/CC has confirmed the communication which exploits this vulnerability. Ryu Kuki, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. And almost at the same time, The Akamai SIRT reported this vulnerability to CISA. JPCERT/CC coordinated with the developer.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU92152057/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-49897
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-49897
	CISA Known Exploited Vulnerabilities Catalog	https://cisa.gov/known-exploited-vulnerabilities-catalog
	ICS-CERT ADVISORY	https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01
	Related document	https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched
	OS Command Injection(CWE-78)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	FXC Inc.	Wireless LAN router AE1021PE
	FXC Inc.	Wireless LAN router AE1021

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-009966.html",
  "dc:date": "2023-12-25T16:54+09:00",
  "dcterms:issued": "2023-12-07T15:09+09:00",
  "dcterms:modified": "2023-12-25T16:54+09:00",
  "description": "\"AE1021PE\" and \"AE1021\" provided by FXC Inc. are information outlet-based wireless LAN routers.\r\n\"AE1021PE\" and \"AE1021\" contain an OS command injection vulnerability (CWE-78).\r\n\r\nJPCERT/CC has confirmed the communication which exploits this vulnerability.\r\n\r\nRyu Kuki, Takayuki Sasaki, and Katsunari Yoshioka of Yokohama National University reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.\r\nAnd almost at the same time, The Akamai SIRT reported this vulnerability to CISA. JPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-009966.html",
  "sec:cpe": [
    {
      "#text": "cpe:/o:fxc:ae1021pe_firmware",
      "@product": "Wireless LAN router AE1021PE",
      "@vendor": "FXC Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:fxc:ae1021_firmware",
      "@product": "Wireless LAN router AE1021",
      "@vendor": "FXC Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "8.0",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-009966",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU92152057/index.html",
      "@id": "JVNVU#92152057",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-49897",
      "@id": "CVE-2023-49897",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-49897",
      "@id": "CVE-2023-49897",
      "@source": "NVD"
    },
    {
      "#text": "https://cisa.gov/known-exploited-vulnerabilities-catalog",
      "@id": "CVE-2023-49897",
      "@source": "CISA Known Exploited Vulnerabilities Catalog"
    },
    {
      "#text": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01",
      "@id": "ICSA-23-355-01",
      "@source": "ICS-CERT ADVISORY"
    },
    {
      "#text": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched",
      "@id": "Actively Exploited Vulnerability in FXC Routers: Fixed, Patches Available",
      "@source": "Related document"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-78",
      "@title": "OS Command Injection(CWE-78)"
    }
  ],
  "title": "FXC wireless LAN routers \"AE1021PE\" and \"AE1021\" vulnerable to OS command injection Critical"
}

ICSA-23-355-01

Vulnerability from csaf_cisa - Published: 2023-12-21 07:00 - Updated: 2023-12-21 07:00

Summary

FXC AE1021/AE1021PE

Notes

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution on the device via NTP server settings.

Critical infrastructure sectors

Information Technology, Commercial Facilities

Countries/areas deployed

Japan

Company headquarters location

Japan

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA has received reports of this vulnerability being actively exploited.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Ryu Kuki",
          "Takayuki Sasaki",
          "Katsunari Yoshioka"
        ],
        "organization": "Yokohama National University",
        "summary": "reporting this vulnerability to JPCERT/CC"
      },
      {
        "names": [
          "Chad Seaman",
          "Larry Cashdollar"
        ],
        "organization": "Akamai Technologies",
        "summary": "reporting this vulnerability to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution on the device via NTP server settings. ",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Information Technology, Commercial Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA has received reports of this vulnerability being actively exploited.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-23-355-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-355-01.json"
      },
      {
        "category": "self",
        "summary": "ICSA Advisory ICSA-23-355-01 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "FXC AE1021/AE1021PE",
    "tracking": {
      "current_release_date": "2023-12-21T07:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-23-355-01",
      "initial_release_date": "2023-12-21T07:00:00.000000Z",
      "revision_history": [
        {
          "date": "2023-12-21T07:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=2.0.9",
                "product": {
                  "name": "FXC AE1021PE firmware: \u003c=2.0.9",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "AE1021PE firmware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=2.0.9",
                "product": {
                  "name": "FXC AE1021 firmware: \u003c=2.0.9",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "AE1021 firmware"
          }
        ],
        "category": "vendor",
        "name": "FXC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-49897",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "FXC AE1021/AE1021PE versions 2.0.9 and prior are vulnerable to a code injection that could allow an authenticated user to achieve remote code execution via NTP server settings.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49897"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "FXC released the following versions to address this vulnerability:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "AE1021PE firmware: version 2.0.10.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "AE1021 firmware: version 2.0.10.",
          "product_ids": [
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "FXC recommends users apply the following settings:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Reset \"Factory setting\" and change the default management screen login password.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information, see FXC\u0027s publication.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://www.fxc.jp/news/20231206"
        },
        {
          "category": "mitigation",
          "details": "For more information, see JPCERT/CC\u0027s security advisory.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "https://jvn.jp/en/vu/JVNVU92152057/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

GSD-2023-49897

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-49897

Aliases

CVE-2023-49897

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-49897",
    "id": "GSD-2023-49897"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-49897"
      ],
      "details": "An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.",
      "id": "GSD-2023-49897",
      "modified": "2023-12-13T01:20:35.194418Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2023-49897",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "AE1021PE",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "2.0.9 and earlier"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "AE1021",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "2.0.9 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "FXC Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "OS command injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.fxc.jp/news/20231206",
            "refsource": "MISC",
            "url": "https://www.fxc.jp/news/20231206"
          },
          {
            "name": "https://jvn.jp/en/vu/JVNVU92152057/",
            "refsource": "MISC",
            "url": "https://jvn.jp/en/vu/JVNVU92152057/"
          },
          {
            "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01",
            "refsource": "MISC",
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
          },
          {
            "name": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched",
            "refsource": "MISC",
            "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "cisaActionDue": "2024-01-11",
        "cisaExploitAdd": "2023-12-21",
        "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
        "cisaVulnerabilityName": "FXC AE1021, AE1021PE OS Command Injection Vulnerability",
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fxc:ae1021_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4F8B5B94-BFD2-4037-B8E2-DCD4F843AD55",
                    "versionEndExcluding": "2.0.10",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:fxc:ae1021:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "03B391D9-2AF4-4889-BFA3-52C11B4390C5",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fxc:ae1021pe_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A110A774-F48F-4F4F-8EE0-FD17F94B8AB6",
                    "versionEndExcluding": "2.0.10",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:fxc:ae1021pe:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BB758E1E-0CF5-4CA6-9A08-2B33BF296D67",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product."
          },
          {
            "lang": "es",
            "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en la versi\u00f3n 2.0.9 y anteriores del firmware AE1021PE y en la versi\u00f3n 2.0.9 y anteriores del firmware AE1021. Si se explota esta vulnerabilidad, un atacante puede ejecutar un comando arbitrario del sistema operativo que pueda iniciar sesi\u00f3n en el producto."
          }
        ],
        "id": "CVE-2023-49897",
        "lastModified": "2023-12-22T04:15:09.130",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2023-12-06T07:15:41.883",
        "references": [
          {
            "source": "vultures@jpcert.or.jp",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU92152057/"
          },
          {
            "source": "vultures@jpcert.or.jp",
            "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
          },
          {
            "source": "vultures@jpcert.or.jp",
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
          },
          {
            "source": "vultures@jpcert.or.jp",
            "tags": [
              "Release Notes",
              "Vendor Advisory"
            ],
            "url": "https://www.fxc.jp/news/20231206"
          }
        ],
        "sourceIdentifier": "vultures@jpcert.or.jp",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-78"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

GHSA-X3F3-J7QH-9WGJ

Vulnerability from github – Published: 2023-12-06 09:30 – Updated: 2025-10-22 00:32

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-49897"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-06T07:15:41Z",
    "severity": "HIGH"
  },
  "details": "An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.",
  "id": "GHSA-x3f3-j7qh-9wgj",
  "modified": "2025-10-22T00:32:57Z",
  "published": "2023-12-06T09:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49897"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU92152057"
    },
    {
      "type": "WEB",
      "url": "https://www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patched"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-49897"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-355-01"
    },
    {
      "type": "WEB",
      "url": "https://www.fxc.jp/news/20231206"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-49897 (GCVE-0-2023-49897)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

FKIE_CVE-2023-49897

JVNDB-2023-009966

ICSA-23-355-01

GSD-2023-49897

GHSA-X3F3-J7QH-9WGJ

Tags

Sightings

Nomenclature