Unrated severityCISA KEVNVD Advisory· Published Dec 6, 2023· Updated Oct 21, 2025

CVE-2023-49897

Description

An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product.

Affected products

FXC Inc./AE1021v5
Range: 2.0.9 and earlier
FXC Inc./AE1021PEv5
Range: 2.0.9 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/vu/JVNVU92152057/mitre
www.akamai.com/blog/security-research/zero-day-vulnerability-spreading-mirai-patchedmitre
www.cisa.gov/news-events/ics-advisories/icsa-23-355-01mitre
www.fxc.jp/news/20231206mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000