Sign-up

ID

VAR-202304-2278


CVE

CVE-2023-2380


TITLE

NETGEAR SRX5308 Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202304-2242

DESCRIPTION

A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-227658 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way

Trust: 0.99

sources: NVD: CVE-2023-2380 // VULMON: CVE-2023-2380

AFFECTED PRODUCTS

vendor:netgearmodel:srx5308scope:eqversion:4.3.5-3

Trust: 1.0

sources: NVD: CVE-2023-2380

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2023-2380
value: MEDIUM

Trust: 1.0

NVD: CVE-2023-2380
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202304-2242
value: MEDIUM

Trust: 0.6

cna@vuldb.com:
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

cna@vuldb.com:
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 2.0

sources: CNNVD: CNNVD-202304-2242 // NVD: CVE-2023-2380 // NVD: CVE-2023-2380

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.0

sources: NVD: CVE-2023-2380

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202304-2242

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202304-2242

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2023-2380

EXTERNAL IDS
db:VULDBid:227658
Trust: 1.7
db:NVDid:CVE-2023-2380
Trust: 1.7
db:CNNVDid:CNNVD-202304-2242
Trust: 0.6
db:VULMONid:CVE-2023-2380
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-2380 // 
            
            
            
            CNNVD: CNNVD-202304-2242 // 
            
            
            
            NVD: CVE-2023-2380

REFERENCES
url:https://github.com/leetsun/iot/tree/main/netgear-srx5308/17
Trust: 1.7
url:https://vuldb.com/?id.227658
Trust: 1.7
url:https://vuldb.com/?ctiid.227658
Trust: 1.7
url:https://cxsecurity.com/cveshow/cve-2023-2380/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/404.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2023-2380 // 
            
            
            
            CNNVD: CNNVD-202304-2242 // 
            
            
            
            NVD: CVE-2023-2380

SOURCES
db:VULMONid:CVE-2023-2380
db:CNNVDid:CNNVD-202304-2242
db:NVDid:CVE-2023-2380

LAST UPDATE DATE
2024-05-17T23:01:35.206000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2023-2380date:2023-04-28T00:00:00
db:CNNVDid:CNNVD-202304-2242date:2023-05-06T00:00:00
db:NVDid:CVE-2023-2380date:2024-05-17T02:22:54.917

SOURCES RELEASE DATE
db:VULMONid:CVE-2023-2380date:2023-04-28T00:00:00
db:CNNVDid:CNNVD-202304-2242date:2023-04-28T00:00:00
db:NVDid:CVE-2023-2380date:2023-04-28T17:15:43.130