CVE-2023-39367

9.1 CRITICAL

📋 TL;DR

An OS command injection vulnerability in Peplink Smart Reader v1.2.0 allows authenticated attackers to execute arbitrary commands via the web interface's mac2name functionality. This can lead to complete system compromise of affected devices. Organizations using Peplink Smart Reader v1.2.0 in QEMU environments are affected.

💻 Affected Systems

Products:
  • Peplink Smart Reader
Versions: v1.2.0
Operating Systems: QEMU virtual environment
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to web interface; vulnerability exists in default configuration of affected version.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover, data exfiltration, lateral movement to other network devices, and persistent backdoor installation.

🟠 Likely Case

Unauthorized access to device configuration, network reconnaissance, and potential data theft from connected systems.

🟢 If Mitigated

Limited impact with proper network segmentation, but still potential for device compromise within isolated segment.

🌐 Internet-Facing: HIGH - Web interface accessible from internet allows remote exploitation by authenticated attackers.
🏢 Internal Only: HIGH - Even internal attackers with credentials can exploit this for significant impact.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authentication but is straightforward once credentials are obtained; detailed technical analysis available in Talos report.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to firmware version beyond v1.2.0 as specified in vendor advisory

Vendor Advisory: https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256

Restart Required: Yes

Instructions:

1. Download the latest firmware from the Peplink support portal.
2. Back up the current configuration.
3. Upload the firmware via the web interface.
4. Apply the update and restart the device.
5. Verify that the update succeeded.

🔧 Temporary Workarounds

Network Segmentation

Platform: all

Isolate Smart Reader devices from critical networks and restrict web interface access

Access Control Restrictions

Platform: linux

Implement strict authentication controls and limit web interface access to trusted IPs only

iptables -A INPUT -p tcp --dport 80 -s TRUSTED_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -s TRUSTED_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP
iptables -A INPUT -p tcp --dport 443 -j DROP

🧯 If You Can't Patch

  • Disable web interface if not required for operations
  • Implement strict network segmentation and firewall rules to limit access to device

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface or SSH: grep -F '1.2.0' /etc/version

Check Version:

cat /etc/version

Verify Fix Applied:

Verify firmware version is updated beyond v1.2.0 and test mac2name functionality with safe input

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution patterns in system logs
  • Multiple failed authentication attempts followed by successful login
  • HTTP requests to mac2name endpoint with suspicious parameters

Network Indicators:

  • Unusual outbound connections from Smart Reader device
  • HTTP traffic to mac2name endpoint containing shell metacharacters

SIEM Query:

source="smart_reader" AND (uri_path="/mac2name" AND (query="*;*" OR query="*|*" OR query="*`*"))
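
An added example (not taken from the vendor advisory or the Talos report): a stricter form of the SIEM query above that flags any mac2name request whose query values are not well-formed MAC addresses, instead of matching three specific metacharacters. The combined access-log format, the parameter name `mac`, and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the web server writes a combined-format access log.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Allow-list: six hex octets separated by ':' or '-'.
MAC_RE = re.compile(r'[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}')
ENDPOINT = "/mac2name"  # path as it appears in the SIEM query on this page

def suspicious_mac2name(line):
    """Return (source_ip, bad_values) for a mac2name request whose query
    carries anything other than well-formed MAC addresses, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path.rstrip("/") != ENDPOINT:
        return None
    # parse_qsl percent-decodes, so encoded metacharacters are seen decoded.
    values = [v for _, v in parse_qsl(url.query, keep_blank_values=True)]
    # fullmatch, not match with '$': '$' would accept a trailing newline.
    bad = [v for v in values if not MAC_RE.fullmatch(v)]
    return (m.group("src"), bad) if bad else None

def scan(lines):
    """Collect every flagged request from an iterable of log lines."""
    return [hit for hit in map(suspicious_mac2name, lines) if hit]

# Constructed sample lines (parameter name "mac" and addresses are made up).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /mac2name?mac=00:11:22:33:44:55 HTTP/1.1" 200 17',
    '192.0.2.44 - - [01/Jan/2024:10:00:05 +0000] "GET /mac2name?mac=00:11:22:33:44:55%3Bid HTTP/1.1" 200 17',
    '192.0.2.44 - - [01/Jan/2024:10:00:09 +0000] "GET /mac2name?mac=00:11:22:33:44:55%0A HTTP/1.1" 200 17',
    '192.0.2.44 - - [01/Jan/2024:10:00:12 +0000] "GET /mac2name?mac=$(id) HTTP/1.1" 200 17',
    '192.0.2.10 - - [01/Jan/2024:10:00:20 +0000] "GET /index.html HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for src, bad in scan(SAMPLE_LOG):
        print(f"ALERT mac2name non-MAC input from {src}: {bad!r}")
```

The third and fourth sample lines contain none of the three characters the SIEM query matches, which is why the check validates the expected format rather than listing bad characters. Access logs do not record request bodies, so parameters sent in a POST body need a different log source.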
