PT-2023-18805 · Hughes Network Systems · Hughes Network Systems Router Terminal
Gjoko Krstic
·
Publicado
2023-01-26
·
Atualizado
2025-03-28
·
CVE-2023-22971
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Hughes Network Systems Router Terminal versions 6.9.0.37 through 8.3.1.14
Description
The issue allows unauthenticated attackers to misuse frames, include JS/HTML code, and steal sensitive information from legitimate users of the application. This is due to a Cross Site Scripting (XSS) vulnerability.
Recommendations
For Hughes Network Systems Router Terminal version 6.9.0.37, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 6.10.0.18, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 6.11.0.5, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 8.2.0.48, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 8.3.1.14, update to a version that contains a fix for this issue.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Hughes Network Systems Router Terminal