CVE-2023-3331
N/A
N/A
Summary
Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete
specific files in the product.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NEC Corporation | Aterm WG2600HP2 | all versions | affected |
| NEC Corporation | Aterm WG2600HP | all versions | affected |
| NEC Corporation | Aterm WG2200HP | all versions | affected |
| NEC Corporation | Aterm WG2200HP | all versions | affected |
| NEC Corporation | Aterm WG1800HP2 | all versions | affected |
| NEC Corporation | Aterm WG1800HP | all versions | affected |
| NEC Corporation | Aterm WG1400HP | all versions | affected |
| NEC Corporation | Aterm WG600HP | all versions | affected |
| NEC Corporation | Aterm WG300HP | all versions | affected |
| NEC Corporation | Aterm WF300HP | all versions | affected |
| NEC Corporation | Aterm WR9500N | all versions | affected |
| NEC Corporation | Aterm WR9300N | all versions | affected |
| NEC Corporation | Aterm WR8750N | all versions | affected |
| NEC Corporation | Aterm WR8700N | all versions | affected |
| NEC Corporation | Aterm WR8600N | all versions | affected |
| NEC Corporation | Aterm WR8370N | all versions | affected |
| NEC Corporation | Aterm WR8175N | all versions | affected |
| NEC Corporation | Aterm WR8170N | all versions | affected |
Weaknesses
- CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory
Workarounds
Stop using the products or remove the USB storage.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.