Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to
execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
References
Link | Resource |
---|---|
https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html | Broken Link |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
History
05 Jul 2023, 19:19
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
References | (MISC) https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html - Broken Link | |
First Time |
Nec aterm Wr8700n Firmware
Nec aterm Wr8170n Firmware Nec aterm Wg1800hp2 Nec aterm Wg2600hp2 Firmware Nec aterm Wg300hp Firmware Nec aterm Wr8175n Nec aterm Wr9500n Nec aterm Wr9300n Firmware Nec aterm Wr8750n Nec aterm Wg300hp Nec aterm Wg2200hp Nec aterm Wg2600hp Firmware Nec aterm Wg1400hp Nec aterm Wf300hp Nec aterm Wr8170n Nec aterm Wg2200hp Firmware Nec aterm Wg1800hp Nec aterm Wr8600n Nec aterm Wr8700n Nec aterm Wg2600hp2 Nec aterm Wg600hp Firmware Nec aterm Wr8600n Firmware Nec aterm Wr9500n Firmware Nec aterm Wf300hp Firmware Nec aterm Wg1400hp Firmware Nec aterm Wr8175n Firmware Nec aterm Wg2600hp Nec aterm Wr8750n Firmware Nec aterm Wr9300n Nec aterm Wr8370n Firmware Nec aterm Wg1800hp2 Firmware Nec aterm Wg1800hp Firmware Nec Nec aterm Wg600hp Nec aterm Wr8370n |
|
CPE | cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
03 Jul 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities. |
28 Jun 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-28 02:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-3332
Mitre link : CVE-2023-3332
CVE.ORG link : CVE-2023-3332
JSON object : View
Products Affected
nec
- aterm_wg2200hp_firmware
- aterm_wg2600hp2
- aterm_wr8175n_firmware
- aterm_wr8700n_firmware
- aterm_wg1800hp2
- aterm_wr8170n_firmware
- aterm_wr9500n_firmware
- aterm_wr8600n_firmware
- aterm_wg2600hp2_firmware
- aterm_wg2600hp
- aterm_wr9300n
- aterm_wg300hp
- aterm_wg1800hp
- aterm_wr8175n
- aterm_wr9500n
- aterm_wg300hp_firmware
- aterm_wg600hp
- aterm_wr8370n
- aterm_wg1800hp2_firmware
- aterm_wf300hp
- aterm_wr8750n
- aterm_wr9300n_firmware
- aterm_wr8600n
- aterm_wg1400hp_firmware
- aterm_wr8750n_firmware
- aterm_wr8370n_firmware
- aterm_wf300hp_firmware
- aterm_wg600hp_firmware
- aterm_wg1400hp
- aterm_wr8170n
- aterm_wg1800hp_firmware
- aterm_wr8700n
- aterm_wg2200hp
- aterm_wg2600hp_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')