Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command.

Related CVEs

CVE-2023-46681

Key Information

GHSA ID

GHSA-j9xf-xjq8-6vc5

Published

December 26, 2023 9:30 AM

Last Modified

January 4, 2024 3:30 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 28, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.