Lucene search

K
cve[email protected]CVE-2023-3332
HistoryJun 28, 2023 - 2:15 a.m.

CVE-2023-3332

2023-06-2802:15:49
CWE-79
web.nvd.nist.gov
22
cve
2023
3332
nec corporation
aterm
wg2600hp2
wg2600hp
wg2200hp
wg1800hp2
wg1800hp
wg1400hp
wg600hp
wg300hp
wf300hp
wr9500n
wr9300n
wr8750n
wr8700n
wr8600n
wr8370n
wr8175n
wr8170n
vulnerability
web page generation
arbitrary script
high privilege
cve-2023-3330
cve-2023-3331
nvd

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

5.1 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allowsย a attackerย to

execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Affected configurations

NVD
Node
necaterm_wf300hp_firmwareMatch-
AND
necaterm_wf300hpMatch-
Node
necaterm_wg1400hp_firmwareMatch-
AND
necaterm_wg1400hpMatch-
Node
necaterm_wg1800hp_firmwareMatch-
AND
necaterm_wg1800hpMatch-
Node
necaterm_wg1800hp2_firmwareMatch-
AND
necaterm_wg1800hp2Match-
Node
necaterm_wg2200hp_firmwareMatch-
AND
necaterm_wg2200hpMatch-
Node
necaterm_wg2600hp_firmwareMatch-
AND
necaterm_wg2600hpMatch-
Node
necaterm_wg2600hp2_firmwareMatch-
AND
necaterm_wg2600hp2Match-
Node
necaterm_wg300hp_firmwareMatch-
AND
necaterm_wg300hpMatch-
Node
necaterm_wg600hp_firmwareMatch-
AND
necaterm_wg600hpMatch-
Node
necaterm_wr8600n_firmwareMatch-
AND
necaterm_wr8600nMatch-
Node
necaterm_wr8700n_firmwareMatch-
AND
necaterm_wr8700nMatch-
Node
necaterm_wr8750n_firmwareMatch-
AND
necaterm_wr8750nMatch-
Node
necaterm_wr9300n_firmwareMatch-
AND
necaterm_wr9300nMatch-
Node
necaterm_wr9500n_firmwareMatch-
AND
necaterm_wr9500nMatch-
Node
necaterm_wr8170n_firmwareMatch-
AND
necaterm_wr8170nMatch-
Node
necaterm_wr8175n_firmwareMatch-
AND
necaterm_wr8175nMatch-
Node
necaterm_wr8370n_firmwareMatch-
AND
necaterm_wr8370nMatch-

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Aterm WG2600HP2",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG2600HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG2200HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG2200HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG1800HP2",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG1800HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG1400HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG600HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WG300HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WF300HP",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR9500N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR9300N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR8750N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR8700N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR8600N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR8370N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR8175N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Aterm WR8170N",
    "vendor": "NEC Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "all versions"
      }
    ]
  }
]

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

5.1 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

Related for CVE-2023-3332