CVE-2023-26213

HIGH

Barracuda CloudGen WAN Private Edge Gateway <8.3.1-174141891 - Comm...

Title source: llm

Description

On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters.

References (4)

Core 4

Core References

Release Notes

https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/

Exploit, Third Party Advisory

https://sec-consult.com/vulnerability-lab/advisory/os-command-injection-in-barracuda-cloudgen-wan/

Product

https://www.barracuda.com/products/network-security/cloudgen-wan

Exploit, Mailing List, Third Party Advisory mailing-list

http://seclists.org/fulldisclosure/2023/Mar/2

Scores

CVSS v3 7.2

EPSS 0.0788

EPSS Percentile 94.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-78

Status published

Products (7)

barracuda/t100b_firmware 8.3.1

barracuda/t193a_firmware 8.3.1

barracuda/t200c_firmware 8.3.1

barracuda/t400c_firmware 8.3.1

barracuda/t600d_firmware 8.3.1

barracuda/t900b_firmware 8.3.1

barracuda/t93a_firmware 8.3.1

Published Mar 03, 2023

Tracked Since Feb 18, 2026