CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2394 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2394
28 Apr 2023 — A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation of the argument wanName leads to cross site scripting. The attack may be launched remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/14 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2393 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2393
28 Apr 2023 — A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmz_setup.htm of the component Web Management Interface. The manipulation of the argument ConfigPort.LogicalIfName leads to cross site scripting. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/13 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2392 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2392
28 Apr 2023 — A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been classified as problematic. Affected is an unknown function of the file scgi-bin/platform.cgi?page=time_zone.htm of the component Web Management Interface. The manipulation of the argument ManualDate.minutes leads to cross site scripting. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/12 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2391 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2391
28 Apr 2023 — A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=time_zone.htm of the component Web Management Interface. The manipulation of the argument ntp.server2 leads to cross site scripting. The attack may be initiated remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/11 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2390 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2390
28 Apr 2023 — A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. This vulnerability affects unknown code of the file scgi-bin/platform.cgi?page=time_zone.htm of the component Web Management Interface. The manipulation of the argument ntp.server1 leads to cross site scripting. The attack can be initiated remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/10 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2389 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2389
28 Apr 2023 — A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. This affects an unknown part of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.emailServer leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2388 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2388
28 Apr 2023 — A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Affected by this issue is some unknown functionality of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.fromAddr leads to cross site scripting. The attack may be launched remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2387 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2387
28 Apr 2023 — A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmz_setup.htm of the component Web Management Interface. The manipulation of the argument winsServer1 leads to cross site scripting. The attack can be launched remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2386 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2386
28 Apr 2023 — A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. Affected is an unknown function of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.toAddr leads to cross site scripting. It is possible to launch the attack remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2385 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2385
28 Apr 2023 — A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=ike_policies.htm of the component Web Management Interface. The manipulation of the argument IpsecIKEPolicy.IKEPolicyName leads to cross site scripting. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •