CVE-2022-23397
Published 2022-03-04
Priority P277 · medium · 6.1 (CVSS 3.1)
CVSS vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
ITW exploit · VulnCheck KEV · Exploited in the wild
EPSS: 0.91% (55.6th percentile)
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no clear steps of reproduction."
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cedargate | ez-net_portal | — | — |
| cedargate | ez-net_portal | — | — |
| cedargate | ez-net_portal | — | — |
| cedargate | ez-net_portal | — | — |
Detection & IOCs (extracted from sources)
path: /EZ-NET60/
- CVE-2022-23397 is a Reflected XSS triggered via a URL parameter in the portal's message-display function; monitor/alert on requests to EZ-NET endpoints containing unsanitized script payloads in URL parameters.
- Vendor disputes the CVE, stating the referenced ado.im report has no clear steps of reproduction; validate exploitability in your environment before treating it as confirmed.
- Affected versions are Cedar Gate EZ-NET portal 6.5.5 and 6.8.0; scope detection to those specific versions.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| NVD | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| VulnCheck | — | 6.1 | MEDIUM | — |
GHSA
GHSA-4hh4-fq35-2mx6: The Cedar Gate EZ-NET portal 6
ghsa_unreviewed · 2022-03-05 · CVE-2022-23397 [MEDIUM] · CWE-79
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability.
VulnCheck
CVE-2022-23397 [MEDIUM] · cedargate ez-net_portal · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
vulncheck · 2022 · CVSS 6.1
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no clear steps of reproduction."
Affected: cedargate ez-net_portal
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://app.crowdsec.net/cti/cve-explorer/CVE-2022-23397
No detection rules found.
Nuclei
CVE-2022-23397 [MEDIUM] · Cedar Gate EZ-NET <= 6.8.0 - Cross-Site Scripting
nuclei · CVSS 6.1
Template fragment as indexed (only the matchers section survives on this page; the preceding field is cut off at `Cedar Gate EZ-NET "`):

```yaml
# ... Cedar Gate EZ-NET "   (truncated in the indexed copy)
matchers:
  - type: dsl
    dsl:
      - 'contains_all(body, ">", "/EZ-NET60/")'
      - 'contains(content_type, "text/html")'
      - 'status_code == 200'
    condition: and
# digest: 4a0a00473045022100dc2fe8a586067c65a43817b1f973a544bc0e13cd04c273adaa2bfd510136b28c02201af4b25829282ba4621225956605bf0585a8fed74337e6c4fd2ce1f1c6a75590:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.
Timeline: 2022-03-04 Published · Exploited in the wild