CVE-2026-32298

Angeet · ES3 KVM

The Angeet ES3 KVM contains an OS command injection vulnerability in the 'cfg.lua' script, allowing authenticated attackers to execute arbitrary system commands.

Executive summary

The Angeet ES3 KVM switch is vulnerable to a critical command injection flaw that allows authenticated users to execute OS-level commands and gain full control of the device.

Vulnerability

The 'cfg.lua' script fails to properly sanitize user-supplied variables. An authenticated attacker can exploit this lack of validation to inject and execute arbitrary OS-level commands on the underlying operating system of the KVM device.
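The vendor's cfg.lua is not public on this page, so the following is an added, hypothetical Lua illustration of the bug class described above, not the device's actual code: a configuration handler that splices a submitted value straight into an OS command, beside a hardened version that allow-lists the value and quotes it before any shell sees it. The 'hostname' setting and both function names are assumptions.

```lua
-- Hypothetical config handler illustrating the command-injection class
-- reported for cfg.lua. Neither function is the vendor's code; the
-- 'hostname' setting is an assumed example of a user-supplied variable.

-- UNSAFE: the submitted value is concatenated directly into the command
-- line that os.execute() hands to /bin/sh. Any shell metacharacter in
-- `value` (;  |  &  $(...)  backticks, newline) is interpreted by the
-- shell, so an authenticated user decides what the KVM actually runs.
local function apply_hostname_unsafe(value)
  return os.execute("hostname " .. value)
end

-- Validation: accept only what a hostname may legitimately contain and
-- reject everything else BEFORE any command string is built.
local function valid_hostname(value)
  return type(value) == "string"
     and #value >= 1 and #value <= 63
     and value:match("^[%w][%w%-%.]*$") ~= nil
end

-- Defence in depth: single-quote the value so the shell treats it as one
-- literal word even if the allow-list is later loosened by mistake.
local function shell_quote(s)
  return "'" .. (s:gsub("'", "'\\''")) .. "'"
end

-- HARDENED: validate first, then quote; a rejected value never reaches
-- a shell, and the rejection can be logged for the monitoring step.
local function apply_hostname_safe(value)
  if not valid_hostname(value) then
    return nil, "rejected: hostname contains characters outside the allow-list"
  end
  return os.execute("hostname " .. shell_quote(value))
end

-- Self-check on constructed inputs; no command is executed here.
assert(valid_hostname("kvm-rack3"))
assert(not valid_hostname("kvm; id"))        -- command separator rejected
assert(not valid_hostname("$(true)"))        -- command substitution rejected
assert(shell_quote("a'b") == "'a'\\''b'")    -- embedded quote neutralised

return { apply_hostname_safe = apply_hostname_safe }
```

The defensive lesson is the ordering: validate against a strict pattern, then quote, and only then build the command; sanitising after the fact, or relying on quoting alone, is what leaves scripts like this exploitable.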

Business impact

A compromise of a KVM (Keyboard, Video, Mouse) switch provides an attacker with direct access to the servers connected to the device. With a CVSS score of 9.1, this vulnerability poses a severe risk of data theft and hardware-level manipulation within a data center or server room environment.

Remediation

Immediate Action: Apply the latest firmware update from Angeet for the ES3 KVM and change all administrative passwords immediately.

Proactive Monitoring: Monitor the KVM's management interface for unusual activity and review any available system logs for evidence of shell command execution.

Compensating Controls: Place the KVM management interface on a dedicated, isolated management network and restrict access to authorized administrators only.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Administrators should prioritize updating the firmware of all Angeet ES3 KVM units. Because this vulnerability allows for full OS-level access, it could be used as a pivot point for broader network attacks if left unpatched.