Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-3332
HistoryJun 28, 2023 - 2:15 a.m.

CVE-2023-3332

2023-06-2802:15:49
CWE-79
[email protected]
web.nvd.nist.gov
2
web page generation
nec corporation
aterm routers
cve-2023-3332
arbitrary script
high privilege

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.4%

JSON

Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allowsย a attackerย to

execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Affected configurations

NVD
Node
necaterm_wf300hp_firmwareMatch-
AND
necaterm_wf300hpMatch-
Node
necaterm_wg1400hp_firmwareMatch-
AND
necaterm_wg1400hpMatch-
Node
necaterm_wg1800hp_firmwareMatch-
AND
necaterm_wg1800hpMatch-
Node
necaterm_wg1800hp2_firmwareMatch-
AND
necaterm_wg1800hp2Match-
Node
necaterm_wg2200hp_firmwareMatch-
AND
necaterm_wg2200hpMatch-
Node
necaterm_wg2600hp_firmwareMatch-
AND
necaterm_wg2600hpMatch-
Node
necaterm_wg2600hp2_firmwareMatch-
AND
necaterm_wg2600hp2Match-
Node
necaterm_wg300hp_firmwareMatch-
AND
necaterm_wg300hpMatch-
Node
necaterm_wg600hp_firmwareMatch-
AND
necaterm_wg600hpMatch-
Node
necaterm_wr8600n_firmwareMatch-
AND
necaterm_wr8600nMatch-
Node
necaterm_wr8700n_firmwareMatch-
AND
necaterm_wr8700nMatch-
Node
necaterm_wr8750n_firmwareMatch-
AND
necaterm_wr8750nMatch-
Node
necaterm_wr9300n_firmwareMatch-
AND
necaterm_wr9300nMatch-
Node
necaterm_wr9500n_firmwareMatch-
AND
necaterm_wr9500nMatch-
Node
necaterm_wr8170n_firmwareMatch-
AND
necaterm_wr8170nMatch-
Node
necaterm_wr8175n_firmwareMatch-
AND
necaterm_wr8175nMatch-
Node
necaterm_wr8370n_firmwareMatch-
AND
necaterm_wr8370nMatch-

Related

prion 4
cvelist 4
cve 4
jvn 1
nvd 3
prion
prion
Design/Logic Flaw
2023-06-28 02:15:00
Command injection
2023-06-28 02:15:00
Design/Logic Flaw
2023-06-28 02:15:00
cvelist
cvelist
CVE-2023-3332
2023-06-28 01:25:03
CVE-2023-3333
2023-06-28 01:33:27
CVE-2023-3330
2023-06-28 01:13:03
cve
cve
CVE-2023-3332
2023-06-28 02:15:49
CVE-2023-3333
2023-06-28 02:15:49
CVE-2023-3330
2023-06-28 02:15:49
jvn
jvn
JVN#38343415: Multiple vulnerabilities in Aterm series
2023-06-27 00:00:00
nvd
nvd
CVE-2023-3333
2023-06-28 02:15:49
CVE-2023-3330
2023-06-28 02:15:49
CVE-2023-3331
2023-06-28 02:15:49

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.4%

JSON
Related for NVD:CVE-2023-3332
prion4cvelist4cve4jvn1nvd3