Lucene search
HistoryJun 28, 2023 - 2:15 a.m.
CVE-2023-3331
cve-2023-3331
improper limitation
pathname
restricted directory
nec corporation
aterm routers
vulnerability
file deletion
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.2 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.0%
Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allowsย a attackerย toย delete
specific files in the product.
Affected configurations
Node
necaterm_wf300hp_firmwareMatch-
necaterm_wf300hpMatch-
Node
necaterm_wg1400hp_firmwareMatch-
necaterm_wg1400hpMatch-
Node
necaterm_wg1800hp_firmwareMatch-
necaterm_wg1800hpMatch-
Node
necaterm_wg1800hp2_firmwareMatch-
necaterm_wg1800hp2Match-
Node
necaterm_wg2200hp_firmwareMatch-
necaterm_wg2200hpMatch-
Node
necaterm_wg2600hp_firmwareMatch-
necaterm_wg2600hpMatch-
Node
necaterm_wg2600hp2_firmwareMatch-
necaterm_wg2600hp2Match-
Node
necaterm_wg300hp_firmwareMatch-
necaterm_wg300hpMatch-
Node
necaterm_wg600hp_firmwareMatch-
necaterm_wg600hpMatch-
Node
necaterm_wr8600n_firmwareMatch-
necaterm_wr8600nMatch-
Node
necaterm_wr8700n_firmwareMatch-
necaterm_wr8700nMatch-
Node
necaterm_wr8750n_firmwareMatch-
necaterm_wr8750nMatch-
Node
necaterm_wr9300n_firmwareMatch-
necaterm_wr9300nMatch-
Node
necaterm_wr9500n_firmwareMatch-
necaterm_wr9500nMatch-
Node
necaterm_wr8170n_firmwareMatch-
necaterm_wr8170nMatch-
Node
necaterm_wr8175n_firmwareMatch-
necaterm_wr8175nMatch-
Node
necaterm_wr8370n_firmwareMatch-
necaterm_wr8370nMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| nec:aterm_wf300hp_firmware | nec aterm wf300hp firmware | eq | - |
CNA Affected
[
{
"defaultStatus": "unknown",
"product": "Aterm WG2600HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG2600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG2200HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG1800HP2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG1800HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG1400HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG600HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WG300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WF300HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR9500N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR9300N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR8750N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR8700N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR8600N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR8370N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR8175N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Aterm WR8170N",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-06-28 02:15:00
Design/Logic Flaw
2023-06-28 02:15:00
Command injection
2023-06-28 02:15:00
cvelist
cvelist
nvd
nvd
cve
cve
CVE-2023-3332
2023-06-28 02:15:49
CVE-2023-3333
2023-06-28 02:15:49
jvn
jvn
JVN#38343415: Multiple vulnerabilities in Aterm series
2023-06-27 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.2 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.0%
Related for CVE-2023-3331