CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-45028

A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.6%

CVSS Severity

CVSS v3 Score 6.1

References

https://drive.google.com/file/d/1AHqvciVNMQpUoomFgtctnByewkkr24kB/view
https://seanpesce.blogspot.com/2022/11/unauthenticated-stored-xss-in-arris.html
https://drive.google.com/file/d/1AHqvciVNMQpUoomFgtctnByewkkr24kB/view
https://seanpesce.blogspot.com/2022/11/unauthenticated-stored-xss-in-arris.html

Products affected by CVE-2022-45028

Arris » Nvg443b » Version: N/A

cpe:2.3:h:arris:nvg443b:-
Arris » Nvg443b Firmware » Version: 9.3.0h3d36

cpe:2.3:o:arris:nvg443b_firmware:9.3.0h3d36

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-45028

Products

Pricing

Contact Us