A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are executed with root privileges. The vulnerability is located in the user request handling of the web-based management.

Related CVEs

CVE-2023-4149

Key Information

GHSA ID

GHSA-m9j6-mhrg-j5gg

Published

November 21, 2023 9:30 AM

Last Modified

November 21, 2023 9:30 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 10, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.