PT-2023-24278 · Nec · Aterm Wg1800Hp+15

Taizoh Tsukamoto

Publicado

2023-06-28

Atualizado

2023-08-28

CVE-2023-3330

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N (affected versions not specified)

Description The issue allows an attacker to obtain specific files in the product due to improper limitation of a pathname to a restricted directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2023-3330

Produtos afetados

Aterm W300P

Aterm Wg1400Hp

Aterm Wg1800Hp

Aterm Wg1800Hp2

Aterm Wg2200Hp

Aterm Wg2600Hs

Aterm Wg2600Hp2

Aterm Wg600Hp

Aterm Wr8170N

Aterm Wr8175N

Aterm Wr8370N

Aterm Wr8600N

Aterm Wr8700N

Aterm Wr8750N

Aterm Wr9300N

Aterm Wr9500N

PT-2023-24278 · Nec · Aterm Wg1800Hp+15

CVE-2023-3330

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12