8.8
HIGH
CVE-2023-27917
CONPROSYS IoT Gateway OS Command Injection Vulnerability
Description

OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 and earlier (CPS-MG341-ADSC1-111, CPS-MG341-ADSC1-931, CPS-MG341G-ADSC1-111, CPS-MG341G-ADSC1-930, and CPS-MG341G5-ADSC1-931), M2M Controller Integrated Type with firmware Ver.3.7.6 and earlier versions (CPS-MC341-ADSC1-111, CPS-MC341-ADSC1-931, CPS-MC341-ADSC2-111, CPS-MC341G-ADSC1-110, CPS-MC341Q-ADSC1-111, CPS-MC341-DS1-111, CPS-MC341-DS11-111, CPS-MC341-DS2-911, and CPS-MC341-A1-111), and M2M Controller Configurable Type with firmware Ver.3.8.8 and earlier versions (CPS-MCS341-DS1-111, CPS-MCS341-DS1-131, CPS-MCS341G-DS1-130, CPS-MCS341G5-DS1-130, and CPS-MCS341Q-DS1-131).

INFO

Published Date :

April 11, 2023, 9:15 a.m.

Last Modified :

April 18, 2023, 7:38 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

2.8
Public PoC/Exploit Available at Github

CVE-2023-27917 has a 2 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-27917 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Contec cps-mg341-adsc1-111_firmware
2 Contec cps-mg341-adsc1-931_firmware
3 Contec cps-mg341g-adsc1-111_firmware
4 Contec cps-mg341g-adsc1-930_firmware
5 Contec cps-mg341g5-adsc1-931_firmware
6 Contec cps-mc341-adsc1-111_firmware
7 Contec cps-mc341-adsc1-931_firmware
8 Contec cps-mc341-adsc2-111_firmware
9 Contec cps-mc341g-adsc1-110_firmware
10 Contec cps-mc341q-adsc1-111_firmware
11 Contec cps-mc341-ds1-111_firmware
12 Contec cps-mc341-ds11-111_firmware
13 Contec cps-mc341-ds2-911_firmware
14 Contec cps-mc341-a1-111_firmware
15 Contec cps-mcs341-ds1-111_firmware
16 Contec cps-mcs341-ds1-131_firmware
17 Contec cps-mcs341g-ds1-130_firmware
18 Contec cps-mcs341g5-ds1-130_firmware
19 Contec cps-mcs341q-ds1-131_firmware

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Contec Japan Co.,

Updated: 1 year, 8 months ago
1 stars 0 fork 0 watcher
Born at : Dec. 15, 2022, 3:07 a.m. This repo has been linked 2 different CVEs too.

Config files for my GitHub profile.

config github-config

Updated: 1 year, 10 months ago
0 stars 0 fork 0 watcher
Born at : Dec. 13, 2022, 6:25 a.m. This repo has been linked 4 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-27917 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-27917 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Apr. 18, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://jvn.jp/en/vu/JVNVU96198617/ No Types Assigned https://jvn.jp/en/vu/JVNVU96198617/ Third Party Advisory
    Changed Reference Type https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf No Types Assigned https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_cps_230317_en.pdf Mitigation, Vendor Advisory
    Changed Reference Type https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware No Types Assigned https://www.contec.com/download/donwload-list/?itemid=a054b3eb-da97-40d0-9598-d7f5ff4239ec#firmware Product
    Changed Reference Type https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware No Types Assigned https://www.contec.com/download/donwload-list/?itemid=a1b33f0d-d32b-4549-9741-613cd37d5528#firmware Product
    Changed Reference Type https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware No Types Assigned https://www.contec.com/download/donwload-list/?itemid=f832c526-dcf6-4976-85aa-f536c15a8120#firmware Product
    Added CWE NIST CWE-78
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mg341-adsc1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.10 OR cpe:2.3:h:contec:cps-mg341-adsc1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mg341-adsc1-931_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.10 OR cpe:2.3:h:contec:cps-mg341-adsc1-931:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mg341g-adsc1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.10 OR cpe:2.3:h:contec:cps-mg341g-adsc1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mg341g-adsc1-930_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.10 OR cpe:2.3:h:contec:cps-mg341g-adsc1-930:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mg341g5-adsc1-931_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.10 OR cpe:2.3:h:contec:cps-mg341g5-adsc1-931:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-adsc1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-adsc1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-adsc1-931_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-adsc1-931:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-adsc2-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-adsc2-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341g-adsc1-110_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341g-adsc1-110:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341q-adsc1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341q-adsc1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-ds1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-ds1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-ds11-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-ds11-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-ds2-911_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-ds2-911:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mc341-a1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.7.6 OR cpe:2.3:h:contec:cps-mc341-a1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mcs341-ds1-111_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.8.8 OR cpe:2.3:h:contec:cps-mcs341-ds1-111:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mcs341-ds1-131_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.8.8 OR cpe:2.3:h:contec:cps-mcs341-ds1-131:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mcs341g-ds1-130_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.8.8 OR cpe:2.3:h:contec:cps-mcs341g-ds1-130:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mcs341g5-ds1-130_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.8.8 OR cpe:2.3:h:contec:cps-mcs341g5-ds1-130:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:contec:cps-mcs341q-ds1-131_firmware:*:*:*:*:*:*:*:* versions up to (including) 3.8.8 OR cpe:2.3:h:contec:cps-mcs341q-ds1-131:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-27917 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.75 }} 0.22%

score

0.81349

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability