CVE-2024-3850
published 2024-06-10CVE-2024-3850: Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS). An attacker could send a user a URL that if clicked on could execute…
PriorityP431medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EXPLOIT
EPSS
0.90%
55.2th percentile
Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS). An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is limited. Also, even if JavaScript is executed, no additional benefits are obtained.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| uniview | nvr301-04s2-p4 | < NVR-B3801.20.17.240507 | NVR-B3801.20.17.240507 |
| uniview | nvr301-04s2-p4_firmware | < nvr-b3801.20.17.240507 | nvr-b3801.20.17.240507 |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv4.04.8MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r4pf-fm74-w9rw: Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS)
ghsa_unreviewed·2024-06-10
CVE-2024-3850 [MEDIUM] CWE-79 GHSA-r4pf-fm74-w9rw: Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS)
Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS). An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is limited. Also, even if JavaScript is executed, no additional benefits are obtained.
CISA ICS
Uniview NVR301-04S2-P4 (Update A)
cisa_ics·2024-09-24·CVSS 4.8
[MEDIUM] Uniview NVR301-04S2-P4 (Update A)
ICS Advisory
##
Uniview NVR301-04S2-P4 (Update A)
Last RevisedSeptember 24, 2024
Alert CodeICSA-24-156-01
Related topics:
Industrial Control Systems, Industrial Control System Vulnerabilities
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 5.1
- ATTENTION: Exploitable remotely/low attack complexity/public exploits available
- Vendor: Uniview
- Equipment: NVR301-04S2-P4
- Vulnerability: Cross-site Scripting
## 2. RISK EVALUATION
An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following version of Uniview NVR, a network video recorder, is affected:
- NVR301-04S2-P4: Versions prior to NVR-B3801.20.17.240507
## 3.2 Vulnerability Overview
## 3.2
No detection rules found.
Nuclei
Uniview NVR301-04S2-P4 - Cross-Site Scripting
nuclei·CVSS 4.8
CVE-2024-3850 [MEDIUM] Uniview NVR301-04S2-P4 - Cross-Site Scripting
Uniview NVR301-04S2-P4 - Cross-Site Scripting
Uniview NVR301-04S2-P4 contains a reflected cross-site scripting vulnerability via the PATH of LAPI. CISA and Uniview state that this vulnerability needs to be authenticated. This is incorrect. Any PATH payload can cause XSS. A submission to Mitre has been sent to update the verbiage in the finding as well as the CVSS score.
Template:
id: CVE-2024-3850
info:
name: Uniview NVR301-04S2-P4 - Cross-Site Scripting
author: Bleron Rrustemi,r3naissance
severity: medium
description: |
Uniview NVR301-04S2-P4 contains a reflected cross-site scripting vulnerability via the PATH of LAPI. CISA and Uniview state that this vulnerability needs to be authenticated. This is incorrect. Any PATH payload can cause XSS. A submission to Mitre has been sent to upda
No writeups or analysis indexed.
2024-06-10
Published