Vulnerability Details CVE-2023-38378
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 65.2%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2023-38378
-
cpe:2.3:h:rigol:mso5000:-
-
cpe:2.3:o:rigol:mso5000_firmware:00.01.03.00.03