Login Sign Up

CVE-2023-29711

9.8 CRITICAL
Remote Code Execution Authentication Bypass

📋 TL;DR

This vulnerability allows unauthenticated attackers to execute arbitrary code on Interlink PSG-5124 switches via crafted GET requests due to improper access control. It affects all systems running version 1.0.4 of this network switch firmware. Attackers can gain complete control of affected devices remotely.

💻 Affected Systems

Products:
  • Interlink PSG-5124
Versions: 1.0.4
Operating Systems: Embedded switch firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running this firmware version are vulnerable in default configuration.

📦 What is this software?

Psg 5124 Firmware by Interlink

View all CVEs affecting Psg 5124 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of network infrastructure, lateral movement to other systems, data exfiltration, and persistent backdoor installation.

🟠

Likely Case

Remote code execution leading to device takeover, network disruption, and potential credential harvesting.

🟢

If Mitigated

Limited impact if network segmentation isolates switches and strict firewall rules prevent external access.

🌐 Internet-Facing: HIGH - Directly exploitable via HTTP requests without authentication.
🏢 Internal Only: HIGH - Even internally, any network-accessible device is vulnerable to exploitation.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept code exists and exploitation requires only HTTP GET requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Contact Interlink for firmware updates or replacement options.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate PSG-5124 switches from untrusted networks and restrict access to management interfaces.

Firewall Rules

all

Block all external HTTP/HTTPS access to switch management interfaces.

🧯 If You Can't Patch

  • Replace affected switches with updated models or different vendors
  • Implement strict network access controls and monitor for exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface or CLI. If version is 1.0.4, device is vulnerable.

Check Version:

Check web interface or use vendor-specific CLI commands (varies by device)

Verify Fix Applied:

Verify firmware has been updated to a version later than 1.0.4.

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP GET requests to switch management interface
  • Unexpected process execution or configuration changes

Network Indicators:

  • HTTP requests with suspicious parameters to switch IPs
  • Outbound connections from switches to unexpected destinations

SIEM Query:

source_ip="switch_ip" AND http_method="GET" AND (uri CONTAINS "cmd" OR uri CONTAINS "exec" OR uri CONTAINS "system")

📊 Metadata

CVE ID: CVE-2023-29711
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-346
Published: June 22, 2023
Last Updated: December 12, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-29711, you might also want to check these:

CVE-2023-25366 9.8

This vulnerability in Siglent SDS oscilloscopes allows attackers to retrieve the web interface passw...

Same vulnerability type (CWE-346)
CVE-2024-8487 9.8

This CVE describes a Cross-Origin Resource Sharing (CORS) misconfiguration in modelscope/agentscope ...

Same vulnerability type (CWE-346)
CVE-2026-2790 9.8

This CVE describes a same-origin policy bypass vulnerability in Firefox's JAR (Java Archive) network...

Same vulnerability type (CWE-346)