Lucene search
China National Vulnerability DatabaseCNVD-2023-42977HistoryMay 06, 2023 - 12:00 a.m.
NETGEAR SRX5308 Cross-Site Scripting Vulnerability (CNVD-2023-42977)
2023-05-0600:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
netgear
srx5308
vpn firewall
cross-site scripting
vulnerability
bandwidthprofile
profilename
cookie-based
credential
theft
EPSS
0.001
Percentile
40.8%
The NETGEAR SRX5308 is a VPN firewall appliance from NETGEAR. The NETGEAR SRX5308 suffers from a cross-site scripting vulnerability that stems from an incorrect manipulation of the parameter BandWidthProfile.ProfileName. An attacker could use this vulnerability to steal the victimβs cookie-based authentication credentials.
Related
prion
prion
Cross site scripting
2023-04-28 17:15:00
cvelist
cvelist
CVE-2023-2381 Netgear SRX5308 Web Management Interface cross site scripting
2023-04-28 17:00:05
nvd
nvd
CVE-2023-2381
2023-04-28 17:15:43
cve
cve
CVE-2023-2381
2023-04-28 17:15:43