CVE-2023-41109

CRITICAL EXPLOITED NUCLEI

SmartNode SN200 3.21.2-23021 - Command Injection

Title source: llm

Description

SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection.

Nuclei Templates (1)

SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway - Command Injection
CRITICALVERIFIEDby princechaddha

References (4)

Scores

CVSS v3 9.8
EPSS 0.9207
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-06-22
CWE
CWE-78
Status published
Products (1)
patton/smartnode_sn200_firmware < 3.21.2-23021
Published Aug 28, 2023
Tracked Since Feb 18, 2026