CVE-2023-43478 Information

Description

fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000) firmware versions < 0.18.15r allows unauthenticated attackers to upload firmware images and configuration backups which could allow them to alter the firmware or the configuration on the device ultimately leading to code execution as root. 

Reference

https://www.tenable.com/security/research/tra-2023-19