CVE-2023-3330

CWE-22Path Traversal3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 69.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
17
NEC Corporation Aterm Wf300hpNEC Corporation Aterm Wg1400hpNEC Corporation Aterm Wg1800hp+14 more
Timeline
PublishedJun 28

Description

Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to obtain specific files in the product.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages17 packages

CVEListV5nec_corporation/aterm_wg1800hp2all versions
CVEListV5nec_corporation/aterm_wg2600hp2all versions
CVEListV5nec_corporation/aterm_wf300hpall versions
CVEListV5nec_corporation/aterm_wg300hpall versions
CVEListV5nec_corporation/aterm_wg600hpall versions

🔴Vulnerability Details

2
GHSA
GHSA-xxp5-q6rf-mmr6: Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2200HP all versions allows a attacker to obtain s2023-06-28
CVEList
CVE-2023-3330: Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP,2023-06-28
CVE-2023-3330 (MEDIUM CVSS 4.3) | Improper Limitation of a Pathname t | cvebase.io