First Published:
2023 January 24
Last Updated:
2023 January 24
Workarounds:
Upgrade to RTS/RTD 3.7.11.6 code or later
Summary:
Baicells Nova 227, Nova 233, Nova 243 LTE TDD eNodeB devices and Nova 246 with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. More information regarding CVE-2023-24508 can be reviewed here: CVE-2023-24508
Affected Products:
- Nova 227
- Nova 233
- Nova 243
- Nova 246
Resolution:
Baicells has resolved this vulnerability in software version 3.7.11.3 and later. Baicells recommends that all customers currently running an earlier version of RTS/RTD upgrade their products to the 3.7.11.6 firmware. Firmware can be downloaded from our community page or upgraded via OMC.
RTS 3.7.11.6: Firmware Download
Comments
0 comments
Please sign in to leave a comment.