CVE-2023-1731 HIGH

CVE-2023-1731: Improper Input Validation in Meinberg LTOS

Vendor Meinberg

Product LTOS

Weakness CWE-434 · Unrestricted file upload

Published April 24, 2023

Last update February 4, 2025

View on NVD All CVEs

CVSS base score

7.2/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.

Key dates

02Disclosure timeline

April 24, 2023 CVE published

February 4, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1731 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/434.html

Related vulnerabilities

04Related CVE

CVE-2020-8260 CVE-2026-0566 code-projects Content Management System edit_posts.php unrestricted upload CVE-2025-34077 WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE CVE-2025-32202 WordPress Insert or Embed Articulate Content into WordPress plugin <= 4.3000000025 - Arbitrary File Upload vulnerability CVE-2025-3783 SourceCodester Web-based Pharmacy Product Management System add-product.php unrestricted upload