CVE-2023-28392

HIGH EPSS 54.6%
Published May 23, 20233y ago · Modified Jun 17, 20262w ago
7.2 CVSS 3.1
High
Find Similar
Published May 23, 2023 3y ago
Last Modified Jun 17, 2026 2w ago

Description

Wi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow an authenticated user with an administrative privilege to execute an arbitrary OS command.

CVSS Details

Base Score
7.2
Exploitability
1.2
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
54.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-78 OS Command Injection Injection

Affected Products 8

VendorProductVersionRange
inabaac-wapu-300_firmware* ≤1.00_b07
inabaac-wapu-300*any
inabaac-wapu-300-p_firmware* ≤1.00_b08p
inabaac-wapu-300-p*any
inabaac-wapum-300_firmware* ≤1.00_b07
inabaac-wapum-300*any
inabaac-wapum-300-p_firmware* ≤1.00_b08p
inabaac-wapum-300-p*any

References 3

  • jvn.jp https://jvn.jp/en/jp/JVN28412757/
  • jvn.jp https://jvn.jp/en/vu/JVNVU98968780/
    Third Party Advisory
  • inaba.co.jp https://www.inaba.co.jp/abaniact/news/Wi-Fi%20AP%20UNIT%E3%80%8CAC-WAPU-300%E3%80%8D%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8BOS%E3%82%B3%E3%83%9E%E3%83%B3%E3%83%89%E3%82%A4%E3%83%B3%E3%82%B8%E3%82%A7%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.