CVE-2023-41917
CRITICALKiloview P1/P2 Speed-Measurement - Remote Command Execution
Title source: manualDescription
Inadequate input validation exposes the system to potential remote code execution (RCE) risks. Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution.
References (1)
Core 1
Core References
Various Sources
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273
Scores
CVSS v3
10.0
EPSS
0.0071
EPSS Percentile
48.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-20
Status
published
Products (1)
Kiloview/P1/P2
All - 4.8.2605
Published
Jul 02, 2024
Tracked Since
Feb 18, 2026