Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete
specific files in the product.
References
Link | Resource |
---|---|
https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
History
05 Jul 2023, 18:45
Type | Values Removed | Values Added |
---|---|---|
First Time |
Nec aterm Wr8700n Firmware
Nec aterm Wr8170n Firmware Nec aterm Wg1800hp2 Nec aterm Wg2600hp2 Firmware Nec aterm Wg300hp Firmware Nec aterm Wr8175n Nec aterm Wr9500n Nec aterm Wr9300n Firmware Nec aterm Wr8750n Nec aterm Wg300hp Nec aterm Wg2200hp Nec aterm Wg2600hp Firmware Nec aterm Wg1400hp Nec aterm Wf300hp Nec aterm Wr8170n Nec aterm Wg2200hp Firmware Nec aterm Wg1800hp Nec aterm Wr8600n Nec aterm Wr8700n Nec aterm Wg2600hp2 Nec aterm Wg600hp Firmware Nec aterm Wr8600n Firmware Nec aterm Wr9500n Firmware Nec aterm Wf300hp Firmware Nec aterm Wg1400hp Firmware Nec aterm Wr8175n Firmware Nec aterm Wg2600hp Nec aterm Wr8750n Firmware Nec aterm Wr9300n Nec aterm Wr8370n Firmware Nec aterm Wg1800hp2 Firmware Nec aterm Wg1800hp Firmware Nec Nec aterm Wg600hp Nec aterm Wr8370n |
|
CPE | cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
CWE | CWE-22 | |
References | (MISC) https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html - Vendor Advisory |
03 Jul 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete specific files in the product. |
28 Jun 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-28 02:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-3331
Mitre link : CVE-2023-3331
CVE.ORG link : CVE-2023-3331
JSON object : View
Products Affected
nec
- aterm_wg2200hp_firmware
- aterm_wg2600hp2
- aterm_wr8175n_firmware
- aterm_wr8700n_firmware
- aterm_wg1800hp2
- aterm_wr8170n_firmware
- aterm_wr9500n_firmware
- aterm_wr8600n_firmware
- aterm_wg2600hp2_firmware
- aterm_wg2600hp
- aterm_wr9300n
- aterm_wg300hp
- aterm_wg1800hp
- aterm_wr8175n
- aterm_wr9500n
- aterm_wg300hp_firmware
- aterm_wg600hp
- aterm_wr8370n
- aterm_wg1800hp2_firmware
- aterm_wf300hp
- aterm_wr8750n
- aterm_wr9300n_firmware
- aterm_wr8600n
- aterm_wg1400hp_firmware
- aterm_wr8750n_firmware
- aterm_wr8370n_firmware
- aterm_wf300hp_firmware
- aterm_wg600hp_firmware
- aterm_wg1400hp
- aterm_wr8170n
- aterm_wg1800hp_firmware
- aterm_wr8700n
- aterm_wg2200hp
- aterm_wg2600hp_firmware
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')