CVE-2023-3332: Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,...

0.0 CVSS

Description

Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to

execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Classification

CVE ID: CVE-2023-3332

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: NEC Corporation

Product: Aterm WG2600HP2

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 20.78% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html

Timeline

2024-12-05 00:31:58 UTC
CVE

Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,...