Netgear SRX5308 até 4.3.5-3 Web Management Interface platform.cgi dhcp.SecDnsIPByte2 Roteiro Cruzado de Sítios

Uma vulnerabilidade foi encontrada em Netgear SRX5308 até 4.3.5-3 e classificada como problemático. Afectado é uma função desconhecida do ficheiro scgi-bin/platform.cgi?page=dmz_setup.htm do componente Web Management Interface. A manipulação do argumento dhcp.SecDnsIPByte2 com uma entrada desconhecida leva a Roteiro Cruzado de Sítios. Usar a CWE para declarar o problema leva à CWE-79. O aconselhamento é partilhado para download em github.com. A vulnerabilidade é identificada como CVE-2023-2384. O ataque pode ser feito a partir da rede. Os detalhes técnicos estão disponíveis. Além disso, há uma exploração disponível. A exploração foi divulgada ao público e pode ser utilizada. Esta vulnerabilidade é atribuída a T1059.007 pelo projecto MITRE ATT&CK. É declarado como proof-of-concept. É possível descarregar a exploração em github.com. Como 0 dia, o preço estimado do subsolo foi de cerca de $5k-$25k.

Campo28/04/2023 13h5521/05/2023 17h2921/05/2023 17h36
vendorNetgearNetgearNetgear
nameSRX5308SRX5308SRX5308
version<=4.3.5-3<=4.3.5-3<=4.3.5-3
componentWeb Management InterfaceWeb Management InterfaceWeb Management Interface
filescgi-bin/platform.cgi?page=dmz_setup.htmscgi-bin/platform.cgi?page=dmz_setup.htmscgi-bin/platform.cgi?page=dmz_setup.htm
argumentdhcp.SecDnsIPByte2dhcp.SecDnsIPByte2dhcp.SecDnsIPByte2
cwe79 (Roteiro Cruzado de Sítios)79 (Roteiro Cruzado de Sítios)79 (Roteiro Cruzado de Sítios)
risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prHHH
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iLLL
cvss3_vuldb_aNNN
cvss3_vuldb_ePPP
cvss3_vuldb_rcRRR
urlhttps://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3
availability111
publicity111
urlhttps://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3
cveCVE-2023-2384CVE-2023-2384CVE-2023-2384
responsibleVulDBVulDBVulDB
response_summaryThe vendor was contacted early about this disclosure but did not respond in any way.The vendor was contacted early about this disclosure but did not respond in any way.The vendor was contacted early about this disclosure but did not respond in any way.
date1682632800 (28/04/2023)1682632800 (28/04/2023)1682632800 (28/04/2023)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auMMM
cvss2_vuldb_ciNNN
cvss2_vuldb_iiPPP
cvss2_vuldb_aiNNN
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcURURUR
cvss2_vuldb_rlNDNDND
cvss3_vuldb_rlXXX
cvss2_vuldb_basescore3.33.33.3
cvss2_vuldb_tempscore2.82.82.8
cvss3_vuldb_basescore2.42.42.4
cvss3_vuldb_tempscore2.22.22.2
cvss3_meta_basescore2.42.43.2
cvss3_meta_tempscore2.22.23.1
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1682632800 (28/04/2023)1682632800 (28/04/2023)
cve_nvd_summaryA vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. This vulnerability affects unknown code of the file scgi-bin/platform.cgi?page=dmz_setup.htm of the component Web Management Interface. The manipulation of the argument dhcp.SecDnsIPByte2 leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-227662 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. This vulnerability affects unknown code of the file scgi-bin/platform.cgi?page=dmz_setup.htm of the component Web Management Interface. The manipulation of the argument dhcp.SecDnsIPByte2 leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-227662 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prH
cvss3_nvd_uiR
cvss3_nvd_sC
cvss3_nvd_cL
cvss3_nvd_iL
cvss3_nvd_aN
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auM
cvss2_nvd_ciN
cvss2_nvd_iiP
cvss2_nvd_aiN
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prH
cvss3_cna_uiR
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iL
cvss3_cna_aN
cve_cnaVulDB
cvss2_nvd_basescore3.3
cvss3_nvd_basescore4.8
cvss3_cna_basescore2.4

Want to stay up to date on a daily basis?

Enable the mail alert feature now!