{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T10:23:44.159","vulnerabilities":[{"cve":{"id":"CVE-2023-6260","sourceIdentifier":"57dba5dd-1a03-47f6-8b36-e84e47d335d8","published":"2024-02-19T22:15:48.460","lastModified":"2025-02-05T22:35:57.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from 5.2.4 before 6.2.4.3.\n\n"},{"lang":"es","value":"Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del sistema operativo ('inyección de comando del sistema operativo') en Brivo ACS100, ACS300 permite la inyección de comandos del sistema operativo, evitando la seguridad física. Este problema afecta a ACS100 (acceso adyacente a la red), ACS300 (acceso físico): desde 5.2 .4 antes del 6.2.4.3."}],"metrics":{"cvssMetricV31":[{"source":"57dba5dd-1a03-47f6-8b36-e84e47d335d8","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"57dba5dd-1a03-47f6-8b36-e84e47d335d8","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.4","versionEndIncluding":"6.2.4.3","matchCriteriaId":"80906C11-31EB-496E-A5E6-CCC61AA1AF41"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:brivo:acs100:-:*:*:*:*:*:*:*","matchCriteriaId":"B21FAE09-C308-4E75-87C0-15F6637D139C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.4","versionEndExcluding":"6.2.4.3","matchCriteriaId":"E455B577-1BD1-45CA-B744-4459B18B9E99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:brivo:acs300:-:*:*:*:*:*:*:*","matchCriteriaId":"DC69BFA4-EAD9-4C60-BE90-5722C07F2B65"}]}]}],"references":[{"url":"https://sra.io/advisories/","source":"57dba5dd-1a03-47f6-8b36-e84e47d335d8","tags":["Third Party Advisory"]},{"url":"https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3","source":"57dba5dd-1a03-47f6-8b36-e84e47d335d8","tags":["Release Notes"]},{"url":"https://sra.io/advisories/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]}]}}]}