CVE-2023-3332
CVE-2023-3332
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
28 Jun 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to
execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
Affected products
NEC Corporation · Aterm WF300HPNEC Corporation · Aterm WG1400HPNEC Corporation · Aterm WG1800HPNEC Corporation · Aterm WG1800HP2NEC Corporation · Aterm WG2200HPNEC Corporation · Aterm WG2600HPNEC Corporation · Aterm WG2600HP2NEC Corporation · Aterm WG300HPNEC Corporation · Aterm WG600HPNEC Corporation · Aterm WR8170NNEC Corporation · Aterm WR8175NNEC Corporation · Aterm WR8370NNEC Corporation · Aterm WR8600NNEC Corporation · Aterm WR8700NNEC Corporation · Aterm WR8750NNEC Corporation · Aterm WR9300NNEC Corporation · Aterm WR9500NWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →