CVE-2023-27572

Опубликовано: 15 апр. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parameter.

Ссылки

https://sec-consult.com/en/vulnerability-lab/advisories/index.html
Exploit
Third Party Advisory
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-arris-dg3450-cable-gateway/
Exploit
Third Party Advisory
https://www.sec-consult.com/en/blog/
Not Applicable
https://sec-consult.com/en/vulnerability-lab/advisories/index.html
Exploit
Third Party Advisory
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-arris-dg3450-cable-gateway/
Exploit
Third Party Advisory
https://www.sec-consult.com/en/blog/
Not Applicable

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:commscope:dg3450_firmware:ar01.02.056.18_041520_711.ncs.10:*:*:*:*:*:*:*

cpe:2.3:h:commscope:dg3450:-:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00274

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-59w2-7pc8-55mg