CVE-2023-3333: Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,...

0.0 CVSS

Description

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Classification

CVE ID: CVE-2023-3333

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: NEC Corporation

Product: Aterm WG2600HP2

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.14% (probability of being exploited)

EPSS Percentile: 50.65% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html

Timeline

2024-12-05 00:31:58 UTC
CVE

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,...