PT-2023-18805 · Hughes Network Systems · Hughes Network Systems Router Terminal
Gjoko Krstic
·
Published
2023-01-26
·
Updated
2025-03-28
·
CVE-2023-22971
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Hughes Network Systems Router Terminal versions 6.9.0.37 through 8.3.1.14
Description
The issue allows unauthenticated attackers to misuse frames, include JS/HTML code, and steal sensitive information from legitimate users of the application. This is due to a Cross Site Scripting (XSS) vulnerability.
Recommendations
For Hughes Network Systems Router Terminal version 6.9.0.37, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 6.10.0.18, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 6.11.0.5, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 8.2.0.48, update to a version that contains a fix for this issue.
For Hughes Network Systems Router Terminal version 8.3.1.14, update to a version that contains a fix for this issue.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hughes Network Systems Router Terminal