CVE-2023-2389

Name of the Vulnerable Software and Affected Versions Netgear SRX5308 versions up to 4.3.5-3

Description The issue exists due to insufficient input validation in the web management interface of the Netgear SRX5308 router's embedded software. This allows a remote attacker to conduct a cross-site scripting attack by sending a specially crafted HTTP request using the smtpServer.emailServer parameter. The attack can be initiated remotely and affects an unknown part of the file scgi-bin/platform.cgi?page=firewall logs email.htm of the Web Management Interface component.

Recommendations For Netgear SRX5308 versions up to 4.3.5-3, consider disabling the smtpServer.emailServer parameter in the scgi-bin/platform.cgi?page=firewall logs email.htm endpoint as a temporary workaround until a patch is available. Restrict access to the Web Management Interface to minimize the risk of exploitation. Avoid using the smtpServer.emailServer parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.