CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 29, 2023
Published Date: February 03, 2025
Last Updated: February 05, 2025
Vendor: n/a
Product: n/a
Description: Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS Scores

CVSS v3.1

5.9 - MEDIUM

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score

Score: 0.89% (Percentile: 74.48%) as of 2025-06-04

SSVC Information

Exploitation: none
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2025-05-07 00:00:00 UTC) Source

References

https://www.txone.com/blog/digiever-fixes-sorely-needed/ https://www.akamai.com/blog/security-research/digiever-fix-that-iot-thing

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-05-07 00:00:00 UTC

Timeline

CVE ID Reserved

December 29, 2023
CVE Published to Public

February 03, 2025
Added to KEVIntel

May 07, 2025