CVE-2023-51725

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 17, 2024

Updated: Jan 19, 2024

CWE ID 79

Summary

CVE-2023-51725 is a vulnerability affecting Skyworth Router CM5100, specifically version 4.1.1.24. The issue stems from insufficient input validation for the Contact Email Address parameter in the router's web interface. An attacker can exploit this vulnerability by supplying malicious input to the parameter, resulting in stored Cross-Site Scripting (XSS) attacks. Successful exploitation grants the attacker the ability to inject and execute malicious scripts on the targeted system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t46O7W
https://www.cve.org/CVERecord?id=CVE-2023-51725
https://nvd.nist.gov/vuln/detail/CVE-2023-51725

Back to Vulnerability Database

CVE-2023-51725

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations