CVE-2022-45028: XSS
First published: Tue Dec 13 2022(Updated: )
A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arris Nvg443b Firmware | =9.3.0h3d36 | |
| Arris NVG443B |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2022-45028.
What is the severity level of CVE-2022-45028?
The severity level of CVE-2022-45028 is medium.
How does the vulnerability CVE-2022-45028 work?
The vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.
Which software version is affected by CVE-2022-45028?
The Arris NVG443B firmware version 9.3.0h3d36 is affected by CVE-2022-45028.
Is there a fix available for CVE-2022-45028?
There may be a fix available for CVE-2022-45028, please refer to the provided references for more information.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/arris
- canonical/arris nvg443b firmware
- version/arris nvg443b firmware/9.3.0h3d36
- canonical/arris nvg443b