CVE-2023-3049

Unrestricted Upload of File with Dangerous Type vulnerability in TMT Lockcell allows Command Injection. This issue affects Lockcell: before 15.

critical 9.8 CVSS 3.1
Published: Jun 13, 2023
Modified: May 22, 2026
Vendor: Tmtmakine
Product: Lockcell Firmware

Description

Unrestricted Upload of File with Dangerous Type vulnerability in TMT Lockcell allows Command Injection.

This issue affects Lockcell: before 15.

References

Related CVEs

CVE-2023-3047 critical · 9.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TMT Lockcell allows SQL Injection. This issue affects Lockcell: before 15.
CVE-2023-3048 critical · 9.8
Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass. This issue affects Lockcell: before 15.
CVE-2023-3050 critical · 9.8
Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass. This issue affect