CVE-2023-3333
CVE-2023-3333
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.6%KEV nãoPoC —Patch —
Ciclo de vida
28 jun 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
Productos afectados
NEC Corporation · Aterm WF300HPNEC Corporation · Aterm WG1400HPNEC Corporation · Aterm WG1800HPNEC Corporation · Aterm WG1800HP2NEC Corporation · Aterm WG2200HPNEC Corporation · Aterm WG2600HPNEC Corporation · Aterm WG2600HP2NEC Corporation · Aterm WG300HPNEC Corporation · Aterm WG600HPNEC Corporation · Aterm WR8170NNEC Corporation · Aterm WR8175NNEC Corporation · Aterm WR8370NNEC Corporation · Aterm WR8600NNEC Corporation · Aterm WR8700NNEC Corporation · Aterm WR8750NNEC Corporation · Aterm WR9300NNEC Corporation · Aterm WR9500N¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →