Details of VAR-202305-0178

ID

VAR-202305-0178

CVE

CVE-2023-27360

TITLE

of netgear RAX30 Same-origin policy violation vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2023-027707

DESCRIPTION

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the lighttpd HTTP server. The issue results from allowing execution of files from untrusted sources. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19398. of netgear RAX30 The firmware contains a vulnerability related to violation of the same origin policy.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a dual-band wireless router from NETGEAR

Trust: 2.88

sources: NVD: CVE-2023-27360 // JVNDB: JVNDB-2023-027707 // ZDI: ZDI-23-496 // CNVD: CNVD-2024-33672 // VULMON: CVE-2023-27360

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-33672

AFFECTED PRODUCTS

vendor:	netgear	model:	rax30	scope:	-	version:	-	Trust: 1.3
vendor:	netgear	model:	rax30	scope:	lt	version:	1.0.10.94	Trust: 1.0
vendor:	ネットギア	model:	rax30	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	eq	version:	rax30 firmware 1.0.10.94	Trust: 0.8

sources: ZDI: ZDI-23-496 // CNVD: CNVD-2024-33672 // JVNDB: JVNDB-2023-027707 // NVD: CVE-2023-27360

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2023-27360
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2023-27360
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-27360
value:	HIGH
Trust: 0.8
ZDI:	CVE-2023-27360
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2024-33672
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2024-33672
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:A/AC:H/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.2
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2023-27360
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.0
Trust: 1.0
nvd@nist.gov:	CVE-2023-27360
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2023-27360
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2023-27360
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-496 // CNVD: CNVD-2024-33672 // JVNDB: JVNDB-2023-027707 // NVD: CVE-2023-27360 // NVD: CVE-2023-27360

PROBLEMTYPE DATA

problemtype:	CWE-345	Trust: 1.0
problemtype:	CWE-346	Trust: 1.0
problemtype:	Inadequate verification of data reliability (CWE-345) [ others ]	Trust: 0.8
problemtype:	Same-origin policy violation (CWE-346) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-027707 // NVD: CVE-2023-27360

PATCH

title:	NETGEAR has issued an update to correct this vulnerability.	url:	https://kb.netgear.com/000065559/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0352	Trust: 0.7
title:	Patch for NETGEAR RAX30 Remote Code Execution Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/567906	Trust: 0.6

sources: ZDI: ZDI-23-496 // CNVD: CNVD-2024-33672

EXTERNAL IDS

db:	NVD	id:	CVE-2023-27360	Trust: 4.0
db:	ZDI	id:	ZDI-23-496	Trust: 2.6
db:	JVNDB	id:	JVNDB-2023-027707	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-19398	Trust: 0.7
db:	CNVD	id:	CNVD-2024-33672	Trust: 0.6
db:	VULMON	id:	CVE-2023-27360	Trust: 0.1

sources: ZDI: ZDI-23-496 // CNVD: CNVD-2024-33672 // VULMON: CVE-2023-27360 // JVNDB: JVNDB-2023-027707 // NVD: CVE-2023-27360

REFERENCES

url:	https://kb.netgear.com/000065559/security-advisory-for-multiple-vulnerabilities-on-the-rax30-psv-2022-0352	Trust: 2.5
url:	https://www.zerodayinitiative.com/advisories/zdi-23-496/	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2023-27360	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-27360	Trust: 0.6

sources: ZDI: ZDI-23-496 // CNVD: CNVD-2024-33672 // VULMON: CVE-2023-27360 // JVNDB: JVNDB-2023-027707 // NVD: CVE-2023-27360

CREDITS

Rocco Calvi and Steven Seeley of Incite Team

Trust: 0.7

sources: ZDI: ZDI-23-496

SOURCES

db:	ZDI	id:	ZDI-23-496
db:	CNVD	id:	CNVD-2024-33672
db:	VULMON	id:	CVE-2023-27360
db:	JVNDB	id:	JVNDB-2023-027707
db:	NVD	id:	CVE-2023-27360

LAST UPDATE DATE

2025-01-07T23:23:16.501000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-496	date:	2023-05-01T00:00:00
db:	CNVD	id:	CNVD-2024-33672	date:	2024-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2023-027707	date:	2025-01-06T04:22:00
db:	NVD	id:	CVE-2023-27360	date:	2025-01-03T17:32:11.500

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-496	date:	2023-05-01T00:00:00
db:	CNVD	id:	CNVD-2024-33672	date:	2024-07-10T00:00:00
db:	JVNDB	id:	JVNDB-2023-027707	date:	2025-01-06T00:00:00
db:	NVD	id:	CVE-2023-27360	date:	2024-05-03T02:15:14.013