CVE-2024-41643
MEDIUMArris NVG443B 9.3.0h3d36 - Authenticated Remote Code Execution via cshell Login Component
Title source: llmDescription
An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary code via the cshell login component.
References (1)
Core 1
Core References
Various Sources
https://gavpherk.github.io/GavinKelsey/
Scores
CVSS v3
6.8
EPSS
0.0027
EPSS Percentile
18.8%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-94
Status
published
Published
Mar 26, 2025
Tracked Since
Feb 18, 2026