CVE-2023-0862 - Vulnerability Details - OpenCVE

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Netmodule	Nb1601 Nb1800 Nb1810 Nb2800 Nb2810 Nb3701 Nb3800 Nb800 Netmodule Router Software Ng800

Configuration 1 [-]

AND

OR	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::
	cpe:2.3:a:netmodule:netmodule_router_software::::::::

OR	cpe:2.3:h:netmodule:nb1601:-:::::::*
	cpe:2.3:h:netmodule:nb1800:-:::::::*
	cpe:2.3:h:netmodule:nb1810:-:::::::*
	cpe:2.3:h:netmodule:nb2800:-:::::::*
	cpe:2.3:h:netmodule:nb2810:-:::::::*
	cpe:2.3:h:netmodule:nb3701:-:::::::*
	cpe:2.3:h:netmodule:nb3800:-:::::::*
	cpe:2.3:h:netmodule:nb800:-:::::::*
	cpe:2.3:h:netmodule:ng800:-:::::::*

No data.

References

Link	Providers
https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/
https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf

History

Tue, 18 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: ONEKEY

Published: 2023-02-16T09:07:09.930Z

Updated: 2025-03-18T14:50:42.840Z

Reserved: 2023-02-16T09:01:36.192Z

Link: CVE-2023-0862

Vulnrichment

Updated: 2024-08-02T05:24:34.659Z

NVD

Status : Modified

Published: 2023-02-16T10:15:11.983

Modified: 2024-11-21T07:37:59.533

Link: CVE-2023-0862

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0862", "assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846", "state": "PUBLISHED", "assignerShortName": "ONEKEY", "dateReserved": "2023-02-16T09:01:36.192Z", "datePublished": "2023-02-16T09:07:09.930Z", "dateUpdated": "2025-03-18T14:50:42.840Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["web administration interface"], "product": "NSRW", "vendor": "NetModule", "versions": [{"lessThan": "4.3.0.119", "status": "affected", "version": "4.3.0.0", "versionType": "4.3.0.119"}, {"lessThan": "4.4.0.118", "status": "affected", "version": "4.4.0.0", "versionType": "4.4.0.118"}, {"lessThan": "4.6.0.105", "status": "affected", "version": "4.6.0.0", "versionType": "4.6.0.105"}, {"lessThan": "4.7.0.103", "status": "affected", "version": "4.7.0.0", "versionType": "4.7.0.103"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Quentin Kaiser from ONEKEY Research Labs"}], "datePublic": "2023-02-16T09:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.<br><br>This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.<br>"}], "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.\n\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2d533b80-6e4a-4e20-93e2-171235122846", "shortName": "ONEKEY", "dateUpdated": "2023-02-21T08:24:22.762Z"}, "references": [{"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf"}, {"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/"}], "source": {"discovery": "EXTERNAL"}, "title": "Path Traversal in NetModule NSRW", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:24:34.659Z"}, "title": "CVE Program Container", "references": [{"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf", "tags": ["x_transferred"]}, {"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-18T14:50:33.476944Z", "id": "CVE-2023-0862", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-18T14:50:42.840Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf", "tags": ["x_transferred"]}, {"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:24:34.659Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-0862", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-18T14:50:33.476944Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-18T14:50:03.518Z"}}], "cna": {"title": "Path Traversal in NetModule NSRW", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Quentin Kaiser from ONEKEY Research Labs"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NetModule", "modules": ["web administration interface"], "product": "NSRW", "versions": [{"status": "affected", "version": "4.3.0.0", "lessThan": "4.3.0.119", "versionType": "4.3.0.119"}, {"status": "affected", "version": "4.4.0.0", "lessThan": "4.4.0.118", "versionType": "4.4.0.118"}, {"status": "affected", "version": "4.6.0.0", "lessThan": "4.6.0.105", "versionType": "4.6.0.105"}, {"status": "affected", "version": "4.7.0.0", "lessThan": "4.7.0.103", "versionType": "4.7.0.103"}], "defaultStatus": "unaffected"}], "datePublic": "2023-02-16T09:00:00.000Z", "references": [{"url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf"}, {"url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.\n\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n", "supportingMedia": [{"type": "text/html", "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.<br><br>This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "2d533b80-6e4a-4e20-93e2-171235122846", "shortName": "ONEKEY", "dateUpdated": "2023-02-21T08:24:22.762Z"}}}, "cveMetadata": {"cveId": "CVE-2023-0862", "state": "PUBLISHED", "dateUpdated": "2025-03-18T14:50:42.840Z", "dateReserved": "2023-02-16T09:01:36.192Z", "assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846", "datePublished": "2023-02-16T09:07:09.930Z", "assignerShortName": "ONEKEY"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA6AD24E-E27F-4078-8066-AB0E0D1CAA33", "versionEndExcluding": "4.3.0.119", "versionStartIncluding": "4.3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8000F0E9-A55B-472E-B71E-20097FC15C58", "versionEndExcluding": "4.4.0.118", "versionStartIncluding": "4.4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFFBFAD7-53CB-4755-A338-2FE945B3689F", "versionEndExcluding": "4.6.0.105", "versionStartIncluding": "4.6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netmodule:netmodule_router_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "B543F356-8395-4F7E-A3C8-1A5DB362533C", "versionEndExcluding": "4.7.0.103", "versionStartIncluding": "4.7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netmodule:nb1601:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C90BC32-C405-4178-B944-9CF39C212C46", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb1800:-:*:*:*:*:*:*:*", "matchCriteriaId": "A80AE348-C415-4B5F-B359-26E2F2A132F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb1810:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3CF8E81-2EB5-4CDC-9FC9-CEAF4E1E7514", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb2800:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFF579A1-A31C-47F3-912A-43F5B4894497", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb2810:-:*:*:*:*:*:*:*", "matchCriteriaId": "41310FAF-CD23-4126-942D-DA950A96DF3E", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb3701:-:*:*:*:*:*:*:*", "matchCriteriaId": "962F7AFA-76A3-4F83-AA2C-AB168C644104", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb3800:-:*:*:*:*:*:*:*", "matchCriteriaId": "7120564A-4FE0-403E-A976-9658A665E51A", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:nb800:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B550124-772B-4384-BA89-72B68E01F61E", "vulnerable": false}, {"criteria": "cpe:2.3:h:netmodule:ng800:-:*:*:*:*:*:*:*", "matchCriteriaId": "0408E588-146F-4AD2-9D58-A12EBA83A697", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote command execution with elevated privileges.\n\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n"}], "id": "CVE-2023-0862", "lastModified": "2024-11-21T07:37:59.533", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "research@onekey.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-16T10:15:11.983", "references": [{"source": "research@onekey.com", "tags": ["Third Party Advisory"], "url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/"}, {"source": "research@onekey.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://onekey.com/blog/security-advisory-netmodule-multiple-vulnerabilities/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://share.netmodule.com/public/system-software/4.7/4.7.0.103/NRSW-RN-4.7.0.103.pdf"}], "sourceIdentifier": "research@onekey.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "research@onekey.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}