Unrated severityNVD Advisory· Published Mar 1, 2023· Updated Mar 7, 2025
Unauthenticated Command Injection EG7035-M11 Series
CVE-2023-1097
Description
Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party analyst and have been confirmed exploitable special thanks to Lionel Musonza for the discovery.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=BCE-ODU-1.0.8+ 1 more
- (no CPE)range: <=BCE-ODU-1.0.8
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.