CVE-2023-37057 : An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote

An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism.

Published 2024-06-17 00:00:00

Updated 2025-03-14 20:15:12

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-37057

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-37057

EPSS FAQ

2.42%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 84 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-37057

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-07-03
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-37057

CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2023-37057

https://jlink-global.com/

Gaming Monitors & Desktop Computer Monitors | Jlink
http://www.unionman.com.cn/en/contact.html

联系我们-Unionman
http://jlink.com

Welcome to J.Link,Inc.

CVEs referencing this url
https://github.com/ri5c/Jlink-Router-RCE

GitHub - ri5c/Jlink-Router-RCE

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-37057

Products affected by CVE-2023-37057

Exploit prediction scoring system (EPSS) score for CVE-2023-37057

CVSS scores for CVE-2023-37057

CWE ids for CVE-2023-37057

References for CVE-2023-37057