{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T22:38:08.218","vulnerabilities":[{"cve":{"id":"CVE-2023-43478","sourceIdentifier":"vulnreport@tenable.com","published":"2023-09-20T14:15:15.127","lastModified":"2024-11-21T08:24:07.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root. "},{"lang":"es","value":"fake_upload.cgi en Telstra Smart Modem Gen 2 (Arcadyan LH1000), versiones de firmware &lt; 0.18.15r, permite a atacantes no autenticados cargar imágenes de firmware y copias de seguridad de configuración, lo que podría permitirles alterar el firmware o la configuración en el dispositivo, lo que en última instancia lleva a para ejecutar el código como root."}],"metrics":{"cvssMetricV31":[{"source":"vulnreport@tenable.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:telstra:arcadyan_lh1000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"0.18.15r","matchCriteriaId":"35A4EC70-8D90-4C41-AD63-0C531644C396"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:telstra:arcadyan_lh1000:-:*:*:*:*:*:*:*","matchCriteriaId":"18BB9AA9-95B5-4EF5-B398-7B2E80991966"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2023-19","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2023-19","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}