Details of VAR-202402-1635

ID

VAR-202402-1635

CVE

CVE-2023-31728

TITLE

teltonika-networks of rut240 Firmware vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2023-029130

DESCRIPTION

Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface. teltonika-networks of rut240 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2023-31728 // JVNDB: JVNDB-2023-029130 // VULMON: CVE-2023-31728

AFFECTED PRODUCTS

vendor:	teltonika	model:	rut240	scope:	lt	version:	00.07.04.2	Trust: 1.0
vendor:	teltonika	model:	rut240	scope:	eq	version:	rut240 firmware 00.07.04.2	Trust: 0.8
vendor:	teltonika	model:	rut240	scope:	-	version:	-	Trust: 0.8
vendor:	teltonika	model:	rut240	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2023-029130 // NVD: CVE-2023-31728

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2023-31728
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2023-029130
value:	HIGH
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2023-31728
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2023-029130
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-029130 // NVD: CVE-2023-31728

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-029130 // NVD: CVE-2023-31728

EXTERNAL IDS

db:	NVD	id:	CVE-2023-31728	Trust: 2.7
db:	JVNDB	id:	JVNDB-2023-029130	Trust: 0.8
db:	VULMON	id:	CVE-2023-31728	Trust: 0.1

sources: VULMON: CVE-2023-31728 // JVNDB: JVNDB-2023-029130 // NVD: CVE-2023-31728

REFERENCES

url:	https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup	Trust: 1.9
url:	https://research.exoticsilicon.com/news	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2023-31728	Trust: 0.8
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2023-31728 // JVNDB: JVNDB-2023-029130 // NVD: CVE-2023-31728

SOURCES

db:	VULMON	id:	CVE-2023-31728
db:	JVNDB	id:	JVNDB-2023-029130
db:	NVD	id:	CVE-2023-31728

LAST UPDATE DATE

2025-06-03T23:30:33.862000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2023-31728	date:	2024-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2023-029130	date:	2025-06-02T05:44:00
db:	NVD	id:	CVE-2023-31728	date:	2025-05-30T15:38:38.977

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2023-31728	date:	2024-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2023-029130	date:	2025-06-02T00:00:00
db:	NVD	id:	CVE-2023-31728	date:	2024-02-17T04:15:07.503