Lucene search
TenableCVE-2023-27853HistoryMar 10, 2023 - 6:15 p.m.
CVE-2023-27853
2023-03-1018:15:17
CWE-120
tenable
web.nvd.nist.gov
48
netgear
nighthawk
wifi6
router
v1.0.10.94
format string
vulnerability
cve-2023-27853
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.003
Percentile
68.9%
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device.
Affected configurations
Node
netgearrax30_firmwareRange<1.0.10.94
netgearrax30Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| netgear | rax30_firmware | * | cpe:2.3:o:netgear:rax30_firmware:*:*:*:*:*:*:*:* |
| netgear | rax30 | - | cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "NETGEAR Nighthawk WiFi6 Router",
"versions": [
{
"version": "prior to V1.0.10.94",
"status": "affected"
}
]
}
]References
Related
cvelist
cvelist
CVE-2023-27853
2023-03-10 00:00:00
prion
prion
Format string
2023-03-10 18:15:00
nvd
nvd
CVE-2023-27853
2023-03-10 18:15:17
wallarmlab
wallarmlab
Changes in OWASP API Security Top-10 2023RC | API Security Newsletter
2023-04-06 14:27:28
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.003
Percentile
68.9%
Related for CVE-2023-27853