CVE-2023-41355

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-940
View all →

Vulnerability Description

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.

Related Vulnerabilities

CVE-2023-41094

CRITICAL
CVSS:9.8(Critical)

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outsid...

CWE-9402023

CVE-2024-38886

CRITICAL
CVSS:9.8(Critical)

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verific...

CWE-9402024

CVE-2024-40515

CRITICAL
CVSS:9.8(Critical)

An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote attacker to execute arbitrary code via the Routing functionality.

CWE-9402024

CVE-2023-3663

HIGH
CVSS:8.8(High)

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received ...

CWE-9402023

CVE-2023-48387

HIGH
CVSS:8.8(High)

TAIWAN-CA(TWCA) JCICSecurityTool fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool a...

CWE-9402023

CVE-2024-40516

HIGH
CVSS:8.8(High)

An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote attacker to execute arbitrary code via the Routing functionality.

CWE-9402024