CVE-2023-37560

Summary

Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.

Affected Software

VendorProductVersion RangeStatus
ELECOM CO.,LTD.WRH-300WH-Hv2.12 and earlieraffected
ELECOM CO.,LTD.WTC-300HWHv1.09 and earlieraffected

Weaknesses

  • Cross-site scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References