The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application.

Related CVEs

CVE-2023-38378

Key Information

GHSA ID

GHSA-mg5m-xf56-mvr9

Published

July 16, 2023 6:30 PM

Last Modified

April 4, 2024 6:09 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 30, 2025 6:36 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.