CVE-2023-31853

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 17, 2023

Updated: Jul 26, 2023

CWE ID 79

Summary

CVE-2023-31853 refers to a Cross-Site Scripting (XSS) vulnerability affecting the Cudy LT400 1.13.4 network device, specifically in the /cgi-bin/luci/admin/network/bandwidth page. An attacker can exploit this issue by injecting malicious scripts into the icon parameter, potentially gaining unauthorized access to user sessions or stealing sensitive data. Users are advised to apply the necessary patch or update to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r_QK2T
https://www.cve.org/CVERecord?id=CVE-2023-31853
https://nvd.nist.gov/vuln/detail/CVE-2023-31853

Back to Vulnerability Database

CVE-2023-31853

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations