Remote Code Execution Vulnerability in RIGOL MSO5000 Digital Oscilloscope
CVE-2023-38378 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application.
Learn more about our Web App Pen Testing.