Baicells Nova 436Q, Nova 430E, Nova 430i and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed pre-login and with root permissions. More information regarding CVE-2023-0776 can be reviewed here:
- Nova 436Q
- Nova 430e
- Nova 430i
- Neutrino 430
We are advising everyone running the radios listed above to upgrade their software to QRTB 2.12.8 immediately to resolve the vulnerability. Radios that are not updated run the risk of being exploited through the vulnerability via SSH and are susceptible to a breach.
Baicells has resolved this vulnerability in version QRTB 2.12.8 and later. Firmware can be downloaded from our community page or upgraded via OMC.
Software Download: BaiBS_QRTB_2.12.8.IMG
Changelog:
==========================
Version BaiBS_QRTB_2.12.8
--------------------------
Bug Fixes:
- Fixed: HTTP Post vulnerability
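
To find which radios in a fleet still need the upgrade described above, the following added example (not Baicells code) classifies an inventory against the affected models and the fixed release named in this advisory. The CSV column names, host names and the "Example-Other" model are constructed, and firmware strings are assumed to follow the `BaiBS_QRTB_x.y.z` naming of the download above.

```python
import csv
import io
import re

# Affected models and first fixed release, as stated in the advisory.
AFFECTED_MODELS = {"nova 436q", "nova 430e", "nova 430i", "neutrino 430"}
FIXED = (2, 12, 8)

# Matches "BaiBS_QRTB_2.12.7" as well as "QRTB 2.12.7".
QRTB_RE = re.compile(r"QRTB[_ ](\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


def classify(model, firmware):
    """Return 'not_listed', 'unknown', 'vulnerable' or 'fixed' for one radio."""
    # Normalise case and spacing so "Nova 430e" and "Nova 430E" both match.
    if " ".join(model.lower().split()) not in AFFECTED_MODELS:
        return "not_listed"  # model is not named in this advisory
    match = QRTB_RE.search(firmware)
    if match is None:
        return "unknown"  # version unreadable: check the device by hand
    # Compare numerically: as strings, "2.9.12" would sort after "2.12.8".
    version = tuple(int(part) for part in match.groups())
    return "fixed" if version >= FIXED else "vulnerable"


def triage(inventory_csv):
    """Map each radio name in a CSV inventory to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {row["name"]: classify(row["model"], row["firmware"]) for row in rows}


# Constructed sample inventory (hypothetical columns, names and versions).
SAMPLE = """name,model,firmware
enb-01,Nova 436Q,BaiBS_QRTB_2.12.7
enb-02,Nova 430e,BaiBS_QRTB_2.12.8
enb-03,Neutrino 430,QRTB 2.9.12
enb-04,Nova 430i,
enb-05,Example-Other,BaiBS_QRTB_2.12.7
enb-06,Nova 430i,BaiBS_QRTB_2.12.10
"""

if __name__ == "__main__":
    for name, status in triage(SAMPLE).items():
        print(f"{name}: {status}")
```

Radios reported as `vulnerable` or `unknown` are the ones to upgrade or inspect first.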