CVE-2023-3331: Path Traversal
First published: Wed Jun 28 2023(Updated: )
Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to delete specific files in the product.
Credit: psirt-info@cyber.jp.nec.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NEC Aterm WF300HP firmware | ||
| NEC Aterm WF300HP firmware | ||
| NEC Aterm WG1400HP firmware | ||
| Aterm WG1400HP | ||
| NEC Aterm WG1800HP firmware | ||
| NEC Aterm WG1800HP3 | ||
| NEC Aterm WG1800HP2 firmware | ||
| NEC Aterm WG1800HP2 firmware | ||
| NEC Aterm WG2200HP firmware | ||
| Aterm WG2200HP | ||
| NEC Aterm WG2600HP2 firmware | ||
| NEC Aterm WG2600HP firmware | ||
| NEC Aterm WG2600HP2 firmware | ||
| NEC Aterm WG2600HP2 firmware | ||
| Aterm WG300HP firmware | ||
| NEC Aterm WG300HP firmware | ||
| NEC Aterm WG600HP firmware | ||
| Aterm WG600HP | ||
| NEC Aterm WR8600N firmware | ||
| Aterm WR8600N | ||
| NEC Aterm WR8700N firmware | ||
| Aterm WR8700N | ||
| NEC Aterm WR8750N firmware | ||
| NEC Aterm WR8750N firmware | ||
| NEC Aterm WR9300N | ||
| NEC Aterm WR9300N | ||
| NEC Aterm WR9500N firmware | ||
| NEC Aterm WR9500N firmware | ||
| NEC Aterm WR8170N firmware | ||
| NEC Aterm WR8170N firmware | ||
| NEC Aterm WR8175N firmware | ||
| NEC Aterm WR8175N firmware | ||
| NEC Aterm WR8370N | ||
| NEC Aterm WR8370N firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-3331?
CVE-2023-3331 is an improper limitation of a pathname to a restricted directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N, and WR8170N.
What is the severity of CVE-2023-3331?
The severity of CVE-2023-3331 is medium with a score of 5.4.
Which software is affected by CVE-2023-3331?
The NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N, and WR8170N are affected by CVE-2023-3331.
How can I fix CVE-2023-3331?
To fix CVE-2023-3331, it is recommended to apply the latest firmware or software updates provided by NEC Corporation.
Where can I find more information about CVE-2023-3331?
You can find more information about CVE-2023-3331 on the NEC Corporation security advisory page at https://jpn.nec.com/security-info/secinfo/nv23-007_en.html
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/nec
- canonical/nec aterm wf300hp firmware
- canonical/nec aterm wg1400hp firmware
- canonical/aterm wg1400hp
- canonical/nec aterm wg1800hp firmware
- canonical/nec aterm wg1800hp3
- canonical/nec aterm wg1800hp2 firmware
- canonical/nec aterm wg2200hp firmware
- canonical/aterm wg2200hp
- canonical/nec aterm wg2600hp2 firmware
- canonical/nec aterm wg2600hp firmware
- canonical/aterm wg300hp firmware
- canonical/nec aterm wg300hp firmware
- canonical/nec aterm wg600hp firmware
- canonical/aterm wg600hp
- canonical/nec aterm wr8600n firmware
- canonical/aterm wr8600n
- canonical/nec aterm wr8700n firmware
- canonical/aterm wr8700n
- canonical/nec aterm wr8750n firmware
- canonical/nec aterm wr9300n
- canonical/nec aterm wr9500n firmware
- canonical/nec aterm wr8170n firmware
- canonical/nec aterm wr8175n firmware
- canonical/nec aterm wr8370n
- canonical/nec aterm wr8370n firmware