CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2389 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2389
A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. This affects an unknown part of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.emailServer leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/9 https://vuldb.com/?ctiid.227667 https://vuldb.com/?id.227667 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2388 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2388
A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Affected by this issue is some unknown functionality of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.fromAddr leads to cross site scripting. The attack may be launched remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8 https://vuldb.com/?ctiid.227666 https://vuldb.com/?id.227666 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2387 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2387
A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmz_setup.htm of the component Web Management Interface. The manipulation of the argument winsServer1 leads to cross site scripting. The attack can be launched remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/4 https://vuldb.com/?ctiid.227665 https://vuldb.com/?id.227665 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2386 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2386
A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. Affected is an unknown function of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.toAddr leads to cross site scripting. It is possible to launch the attack remotely. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/7 https://vuldb.com/?ctiid.227664 https://vuldb.com/?id.227664 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2385 – Netgear SRX5308 Web Management Interface cross site scripting
https://notcve.org/view.php?id=CVE-2023-2385
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=ike_policies.htm of the component Web Management Interface. The manipulation of the argument IpsecIKEPolicy.IKEPolicyName leads to cross site scripting. • https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/5 https://vuldb.com/?ctiid.227663 https://vuldb.com/?id.227663 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •