Web Page Generation Vulnerability in NEC Corporation Aterm Products
CVE-2023-3332

4.8MEDIUM

Key Information:

Vendor: Nec Corporation
Status: Aterm Wg2600HP2; Aterm Wg2600HP; Aterm Wg2200HP; Aterm Wg1800HP2
Vendor: CVE Published:; 28 June 2023

🔔 Create Nec Corporation Vulnerability Alert

What is CVE-2023-3332?

This security vulnerability in NEC Corporation's Aterm products allows an attacker to execute arbitrary scripts after gaining elevated privileges through previously identified vulnerabilities. Affecting all versions of several Aterm models, this flaw emphasizes the necessity for timely updates and vigilance in securing network interfaces.

Affected Version(s)

Aterm WF300HP all versions

Aterm WG1400HP all versions

Aterm WG1800HP all versions

References

https://https://jpn.nec.com/security-info/secinfo/nv23-00...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 28, 2023
Vulnerability Reserved
Jun 20, 2023

Credit

Mr. Taizoh Tsukamoto in Mitsui Bussan Secure Directions, Inc.