Unrated severityNVD Advisory· Published Jun 28, 2023· Updated Dec 4, 2024

CVE-2023-3332

Description

Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to

execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Affected products

NEC Corporation/Aterm WF300HPv5
Range: all versions
NEC Corporation/Aterm WG1400HPv5
Range: all versions
NEC Corporation/Aterm WG1800HPv5
Range: all versions
NEC Corporation/Aterm WG1800HP2v5
Range: all versions
NEC Corporation/Aterm WG2200HPv5
Range: all versions
NEC/Aterm WG2600HScpe-rescue2 versions
all versions+ 1 more
- (no CPE)range: all versions
- (no CPE)range: all versions
NEC Corporation/Aterm WG300HPv5
Range: all versions
NEC Corporation/Aterm WG600HPv5
Range: all versions
NEC Corporation/Aterm WR8170Nv5
Range: all versions
NEC Corporation/Aterm WR8175Nv5
Range: all versions
NEC/Atermwr8370ncpe-rescue
Range: all versions
NEC/Atermwr8600ncpe-rescue
Range: all versions
NEC Corporation/Aterm WR8700Nv5
Range: all versions
NEC Corporation/Aterm WR8750Nv5
Range: all versions
NEC Corporation/Aterm WR9300Nv5
Range: all versions
NEC/Atermwr9500ncpe-rescue
Range: all versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

https//jpn.nec.com/security-info/secinfo/nv23-007_en.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000