Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to inject an arbitrary script via the internet.
History

Wed, 15 Jan 2025 07:30:00 +0000

Type Values Removed Values Added
Description Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to inject an arbitrary script via the internet.
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: NEC

Published: 2025-01-15T07:21:41.810Z

Updated: 2025-01-15T07:24:04.161Z

Reserved: 2025-01-09T06:20:47.803Z

Link: CVE-2025-0354

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-01-15T08:15:26.330

Modified: 2025-01-15T08:15:26.330

Link: CVE-2025-0354

cve-icon Redhat

No data.