CVE-2023-27572
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
15/04/2023
Last modified:
10/02/2025
Description
An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability was discovered in the https_redirect.php web page via the page parameter.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:commscope:dg3450_firmware:ar01.02.056.18_041520_711.ncs.10:*:*:*:*:*:*:* | ||
| cpe:2.3:h:commscope:dg3450:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://sec-consult.com/en/vulnerability-lab/advisories/index.html
- https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-arris-dg3450-cable-gateway/
- https://www.sec-consult.com/en/blog/
- https://sec-consult.com/en/vulnerability-lab/advisories/index.html
- https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-arris-dg3450-cable-gateway/
- https://www.sec-consult.com/en/blog/