Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-24157PUBLISHED: 2023-02-03A command injection vulnerability in the serverIp parameter in the function updateWifiInfo of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2023-24151PUBLISHED: 2023-02-03A command injection vulnerability in the ip parameter in the function recvSlaveCloudCheckStatus of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2023-24152PUBLISHED: 2023-02-03A command injection vulnerability in the serverIp parameter in the function meshSlaveUpdate of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2023-24153PUBLISHED: 2023-02-03A command injection vulnerability in the version parameter in the function recvSlaveCloudCheckStatus of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2023-24154PUBLISHED: 2023-02-03TOTOLINK T8 V4.1.5cu was discovered to contain a command injection vulnerability via the slaveIpList parameter in the function setUpgradeFW.
User Rank: Author
11/13/2015 | 6:37:09 AM
That being said, there's always going to be an exploitable software piece in the network. If not Windows then SAP, is not SAP then OSISoft. The inherent problem in these networks is the total lack of protection and logging in the controllers themselves. This creates a situation where any type of access to the network (malware, employees...) immediately poses a potentially devestating non-tracable threat.
My two cents anyway..