| 1 | 1 | | ### Analyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers |
| 2 | 2 | | |
| | 3 | + | NetModule is an Original Equipment Manufacturer (OEM) of industrial grade routers that are commonly used in critical |
| | 4 | + | infrastructure and industrial control systems. On February 24th, 2023, ONEKEY, a security research firm, released a security |
| | 5 | + | advisory disclosing a vulnerability that affect 9 NetModule routers. The vulnerability were identified within the web |
| | 6 | + | management interface and allow authenticated users to execute arbitrary commands with elevated privileges. |
| | 7 | + | As an individual interested in IoT security and firmware analysis, I find it valuable to review the entire reproduction process of |
| | 8 | + | reported vulnerabilities and In the pursuit of expanding my knowledge and skills, I took it upon myself to reproduce the |
| | 9 | + | disclosed vulnerability. |
| 3 | 10 | | |
Seif-Allah Homrani
committed
1 year ago
1 parent 3fbbd71b