CVE-2023-3331

Published Jun 28, 2023
Last updated a year ago
CVSS medium 5.4
Overview

Description: Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete specific files in the product.
Source: psirt-info@cyber.jp.nec.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 5.4
Impact score: 2.5
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Severity: MEDIUM
Weaknesses

nvd@nist.gov: CWE-22
psirt-info@cyber.jp.nec.com: CWE-22
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
