Lucene search

VulDBCVELIST:CVE-2023-2380

HistoryApr 28, 2023 - 4:54 p.m.

CVE-2023-2380 Netgear SRX5308 denial of service

2023-04-2816:54:01

CWE-404

VulDB

www.cve.org

netgear srx5308

denial of service

vulnerability

remote exploit

vdb-227658

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

35.5%

JSON

A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-227658 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CNA Affected

[
  {
    "vendor": "Netgear",
    "product": "SRX5308",
    "versions": [
      {
        "version": "4.3.5-3",
        "status": "affected"
      }
    ]
  }
]

References

github.com/leetsun/IoT/tree/main/Netgear-SRX5308/17

vuldb.com/?ctiid.227658

vuldb.com/?id.227658

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

35.5%

JSON

Related for CVELIST:CVE-2023-2380