CVE-2023-3333: OS Command Injection
First published: Wed Jun 28 2023(Updated: )
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities.
Credit: psirt-info@cyber.jp.nec.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nec Aterm Wf300hp Firmware | ||
| Nec Aterm Wf300hp | ||
| Nec Aterm Wg1400hp Firmware | ||
| Nec Aterm Wg1400hp | ||
| Nec Aterm Wg1800hp Firmware | ||
| Nec Aterm Wg1800hp | ||
| Nec Aterm Wg1800hp2 Firmware | ||
| Nec Aterm Wg1800hp2 | ||
| Nec Aterm Wg2200hp Firmware | ||
| Nec Aterm Wg2200hp | ||
| Nec Aterm Wg2600hp Firmware | ||
| Nec Aterm Wg2600hp | ||
| Nec Aterm Wg2600hp2 Firmware | ||
| Nec Aterm Wg2600hp2 | ||
| Nec Aterm Wg300hp Firmware | ||
| Nec Aterm Wg300hp | ||
| Nec Aterm Wg600hp Firmware | ||
| Nec Aterm Wg600hp | ||
| Nec Aterm Wr8600n Firmware | ||
| Nec Aterm Wr8600n | ||
| Nec Aterm Wr8700n Firmware | ||
| Nec Aterm Wr8700n | ||
| Nec Aterm Wr8750n Firmware | ||
| Nec Aterm Wr8750n | ||
| Nec Aterm Wr9300n Firmware | ||
| Nec Aterm Wr9300n | ||
| Nec Aterm Wr9500n Firmware | ||
| Nec Aterm Wr9500n | ||
| Nec Aterm Wr8170n Firmware | ||
| Nec Aterm Wr8170n | ||
| Nec Aterm Wr8175n Firmware | ||
| Nec Aterm Wr8175n | ||
| Nec Aterm Wr8370n Firmware | ||
| Nec Aterm Wr8370n |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-3333?
CVE-2023-3333 is an Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm routers.
Which NEC Corporation Aterm routers are affected by CVE-2023-3333?
NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N, and WR8170N routers are affected by CVE-2023-3333.
What is the severity of CVE-2023-3333?
CVE-2023-3333 has a severity rating of 7.2 (High).
What is the Common Weakness Enumeration (CWE) ID for this vulnerability?
The CWE ID for CVE-2023-3333 is 78.
How do I fix CVE-2023-3333?
To fix CVE-2023-3333, update your NEC Corporation Aterm router firmware to the latest version provided by NEC.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nec
- canonical/nec aterm wf300hp firmware
- canonical/nec aterm wf300hp
- canonical/nec aterm wg1400hp firmware
- canonical/nec aterm wg1400hp
- canonical/nec aterm wg1800hp firmware
- canonical/nec aterm wg1800hp
- canonical/nec aterm wg1800hp2 firmware
- canonical/nec aterm wg1800hp2
- canonical/nec aterm wg2200hp firmware
- canonical/nec aterm wg2200hp
- canonical/nec aterm wg2600hp firmware
- canonical/nec aterm wg2600hp
- canonical/nec aterm wg2600hp2 firmware
- canonical/nec aterm wg2600hp2
- canonical/nec aterm wg300hp firmware
- canonical/nec aterm wg300hp
- canonical/nec aterm wg600hp firmware
- canonical/nec aterm wg600hp
- canonical/nec aterm wr8600n firmware
- canonical/nec aterm wr8600n
- canonical/nec aterm wr8700n firmware
- canonical/nec aterm wr8700n
- canonical/nec aterm wr8750n firmware
- canonical/nec aterm wr8750n
- canonical/nec aterm wr9300n firmware
- canonical/nec aterm wr9300n
- canonical/nec aterm wr9500n firmware
- canonical/nec aterm wr9500n
- canonical/nec aterm wr8170n firmware
- canonical/nec aterm wr8170n
- canonical/nec aterm wr8175n firmware
- canonical/nec aterm wr8175n
- canonical/nec aterm wr8370n firmware
- canonical/nec aterm wr8370n