CVE-2023-3332

{"id": "CVE-2023-3332", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.7}]}, "published": "2023-06-28T02:15:49.650", "references": [{"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", "tags": ["Broken Link"], "source": "psirt-info@cyber.jp.nec.com"}, {"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt-info@cyber.jp.nec.com", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."}], "lastModified": "2024-11-21T08:17:02.127", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt-info@cyber.jp.nec.com"}