CVE-2023-45852

CRITICAL EXPLOITED NUCLEI

Viessmann Vitogate 300 < 2.1.3.0 - RCE via ipaddr Shell Metacharacter Injection

Title source: llm

Exploitation Summary

CVE-2023-45852 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.

Nuclei Templates (1)

Viessmann Vitogate 300 - Remote Code Execution

CRITICALVERIFIEDby iamnoooob,rootxharsh,pdresearch

Shodan: title:"Vitogate 300" || http.title:"vitogate 300"

FOFA: title="Vitogate 300" || title="vitogate 300"

References (2)

Core 2

Core References

Product

https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html

Exploit, Third Party Advisory

https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md

View Exploit ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.1400

EPSS Percentile 96.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2023-12-04

CWE

CWE-77

Status published

Products (1)

viessmann/vitogate_300_firmware < 2.1.3.0

Published Oct 14, 2023

Tracked Since Feb 18, 2026