CVE-2023-24508 HIGH

CVE-2023-24508: Remote Code Execution in Baicells RTS Platform

Vendor Baicells
Product Nova 227
Weakness CWE-79 · XSS
Published January 24, 2023
Last update March 27, 2025
View on NVD All CVEs

CVSS base score

8.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L

What the vulnerability does

01Description

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party analyst and has been confirmed exploitable special thanks to Rustam Amin for providing the steps to reproduce. 

Key dates

02Disclosure timeline

January 24, 2023 CVE published
March 27, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-31734 WordPress Simple Post Expiration plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability CVE-2025-6977 ProfileGrid – User Profiles, Groups and Communities <= 5.9.5.4 - Reflected Cross-Site Scripting via 'pm_get_messenger_notification' function CVE-2025-40902 HTML injection in Users in Guardian/CMC before 26.1.0 CVE-2024-3414 SourceCodester Human Resource Information System addcorporate_process.php cross site scripting CVE-2024-13069 SourceCodester Multi Role Login System add-user.php cross site scripting