cnvd - cnvd-2023-43019

cnvd-2023-43019

Vulnerability from cnvd

Title: NETGEAR SRX5308跨站脚本漏洞（CNVD-2023-43019）

Description:

NETGEAR SRX5308是美国网件（NETGEAR）公司的一款VPN防火墙设备。

NETGEAR SRX5308存在跨站脚本漏洞，该漏洞源于对参数smtpServer.fromAddr的错误操作。攻击者可利用该漏洞获取用户cookie等敏感信息。

Severity: 低

Formal description:

目前没有详细解决方案提供： https://www.netgear.com/

Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-2388

Impacted products

Name
NETGEAR SRX5308 <4.3.5-3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-2388",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-2388"
    }
  },
  "description": "NETGEAR SRX5308\u662f\u7f8e\u56fd\u7f51\u4ef6\uff08NETGEAR\uff09\u516c\u53f8\u7684\u4e00\u6b3eVPN\u9632\u706b\u5899\u8bbe\u5907\u3002\n\nNETGEAR SRX5308\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u53c2\u6570smtpServer.fromAddr\u7684\u9519\u8bef\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u6237cookie\u7b49\u654f\u611f\u4fe1\u606f\u3002",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a \r\nhttps://www.netgear.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-43019",
  "openTime": "2023-06-01",
  "products": {
    "product": "NETGEAR SRX5308 \u003c4.3.5-3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-2388",
  "serverity": "\u4f4e",
  "submitTime": "2023-05-06",
  "title": "NETGEAR SRX5308\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2023-43019\uff09"
}

CVE-2023-2388 (GCVE-0-2023-2388)

Vulnerability from cvelistv5

Published

2023-04-28 19:31

Modified

2024-08-02 06:19

Severity ?

2.4 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
2.4 (Low) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

CWE

CWE-79 - Cross Site Scripting

Summary

A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Affected by this issue is some unknown functionality of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.fromAddr leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-227666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

References

▼	URL	Tags
	https://vuldb.com/?id.227666	vdb-entry, technical-description
	https://vuldb.com/?ctiid.227666	signature, permissions-required
	https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8	broken-link, exploit

Impacted products

	Vendor	Product	Version
	Netgear	SRX5308	Version: 4.3.5-3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:19:14.993Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "technical-description",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.227666"
          },
          {
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.227666"
          },
          {
            "tags": [
              "broken-link",
              "exploit",
              "x_transferred"
            ],
            "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Web Management Interface"
          ],
          "product": "SRX5308",
          "vendor": "Netgear",
          "versions": [
            {
              "status": "affected",
              "version": "4.3.5-3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "leetsun (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Affected by this issue is some unknown functionality of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.fromAddr leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-227666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Eine problematische Schwachstelle wurde in Netgear SRX5308 bis 4.3.5-3 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei scgi-bin/platform.cgi?page=firewall_logs_email.htm der Komponente Web Management Interface. Durch Beeinflussen des Arguments smtpServer.fromAddr mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 3.3,
            "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross Site Scripting",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-13T07:23:44.587Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.227666"
        },
        {
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.227666"
        },
        {
          "tags": [
            "broken-link",
            "exploit"
          ],
          "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-04-28T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2023-04-28T00:00:00.000Z",
          "value": "CVE reserved"
        },
        {
          "lang": "en",
          "time": "2023-04-28T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2023-05-21T18:35:07.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Netgear SRX5308 Web Management Interface cross site scripting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2023-2388",
    "datePublished": "2023-04-28T19:31:03.818Z",
    "dateReserved": "2023-04-28T11:48:40.540Z",
    "dateUpdated": "2024-08-02T06:19:14.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted