Strix
26.1K

CVE-2023-3333

HIGHCVSS 7.2/10EPSS 0.59%

Last modified

CVE-2023-3333 is a high-severity vulnerability rated 7.2/10 on the CVSS scale. Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.. EPSS estimates a 0.59% chance of exploitation in the next 30 days.

Description

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.

Metrics

CVSS 3.1
7.2/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.59%

43.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
NecAterm Wf300hp FirmwareAll versions
NecAterm Wg1400hp FirmwareAll versions
NecAterm Wg1800hp FirmwareAll versions
NecAterm Wg1800hp2 FirmwareAll versions
NecAterm Wg2200hp FirmwareAll versions
NecAterm Wg2600hp FirmwareAll versions
NecAterm Wg2600hp2 FirmwareAll versions
NecAterm Wg300hp FirmwareAll versions
NecAterm Wg600hp FirmwareAll versions
NecAterm Wr8600n FirmwareAll versions
NecAterm Wr8700n FirmwareAll versions
NecAterm Wr8750n FirmwareAll versions
NecAterm Wr9300n FirmwareAll versions
NecAterm Wr9500n FirmwareAll versions
NecAterm Wr8170n FirmwareAll versions
NecAterm Wr8175n FirmwareAll versions
NecAterm Wr8370n FirmwareAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-3333?
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
How severe is CVE-2023-3333?
CVE-2023-3333 has a CVSS score of 7.2/10 (HIGH severity). The EPSS model estimates a 0.59% probability of exploitation in the next 30 days.
How do I fix CVE-2023-3333?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-3333?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST