CVE-2023-2386

CVSS v2.0

3.3

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Netgear SRX5308 versions up to 4.3.5-3

Description A vulnerability has been found in the Web Management Interface of Netgear SRX5308. The issue is due to insufficient input validation, which can be exploited by a remote attacker to conduct a cross-site scripting attack. This can be achieved by manipulating the

smtpServer.toAddr

argument in a specially crafted HTTP request to the "scgi-bin/platform.cgi?page=firewall logs email.htm" endpoint. The exploit has been disclosed publicly and may be used. The vendor was contacted about this disclosure but did not respond.

Recommendations For Netgear SRX5308 versions up to 4.3.5-3, consider disabling the Web Management Interface or restricting access to the "scgi-bin/platform.cgi?page=firewall logs email.htm" endpoint until a patch is available. Additionally, avoid using the

smtpServer.toAddr

argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-79

Related Identifiers

BDU:2023-02438

CVE-2023-2386

Affected Products

Netgear Srx5308

CVE-2023-2386

Weakness Enumeration

Related Identifiers

Affected Products

References · 7