How severe is CVE-2023-6321?

CVE-2023-6321 has a CVSS v3 score of 7.2 (HIGH).

CVE-2023-6321

7.2HIGH

A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests

Published: 5/15/2024Updated: 2/11/2025

Description

A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.

AI AnalysisPowered by AI

Affected Products

owletcarecam_firmware

owletcarecam

owletcarecam_2_firmware

owletcarecam_2

throughtekkalay_platform

References

https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/
ExploitThird Party Advisory
https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/
ExploitThird Party Advisory