CVE-2023-23313 - Vulnerability Details

Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Draytek	Vigor130 Vigor130 Firmware Vigor165 Vigor165 Firmware Vigor166 Vigor166 Firmware Vigor2133 Vigor2133 Firmware Vigor2133ac Vigor2133ac Firmware Vigor2133fvac Vigor2133fvac Firmware Vigor2133n Vigor2133n Firmware Vigor2133vac Vigor2133vac Firmware Vigor2135 Vigor2135 Firmware Vigor2135ac Vigor2135ac Firmware Vigor2135ax Vigor2135ax Firmware Vigor2135fvac Vigor2135fvac Firmware Vigor2135vac Vigor2135vac Firmware Vigor2762 Vigor2762 Firmware Vigor2762ac Vigor2762ac Firmware Vigor2762n Vigor2762n Firmware Vigor2762vac Vigor2762vac Firmware Vigor2763 Vigor2763 Firmware Vigor2763ac Vigor2763ac Firmware Vigor2765 Vigor2765 Firmware Vigor2765ac Vigor2765ac Firmware Vigor2765ax Vigor2765ax Firmware Vigor2765va Vigor2765va Firmware Vigor2766 Vigor2766 Firmware Vigor2766ac Vigor2766ac Firmware Vigor2766ax Vigor2766ax Firmware Vigor2766vac Vigor2766vac Firmware Vigor2832 Vigor2832 Firmware Vigor2832n Vigor2832n Firmware Vigor2860 Vigor2860 Firmware Vigor2860ac Vigor2860ac Firmware Vigor2860l Vigor2860l Firmware Vigor2860ln Vigor2860ln Firmware Vigor2860n Vigor2860n-plus Vigor2860n-plus Firmware Vigor2860n Firmware Vigor2860vac Vigor2860vac Firmware Vigor2860vn-plus Vigor2860vn-plus Firmware Vigornic 132 Vigornic 132 Firmware Virgor1000b Virgor1000b Firmware Virgor2862 Virgor2862 Firmware Virgor2862ac Virgor2862ac Firmware Virgor2862b Virgor2862b Firmware Virgor2862bn Virgor2862bn Firmware Virgor2862l Virgor2862l Firmware Virgor2862lac Virgor2862lac Firmware Virgor2862ln Virgor2862ln Firmware Virgor2862n Virgor2862n Firmware Virgor2862vac Virgor2862vac Firmware Virgor2865 Virgor2865 Firmware Virgor2865ac Virgor2865ac Firmware Virgor2865ax Virgor2865ax Firmware Virgor2865l Virgor2865l Firmware Virgor2865lac Virgor2865lac Firmware Virgor2865vac Virgor2865vac Firmware Virgor2866 Virgor2866 Firmware Virgor2866ac Virgor2866ac Firmware Virgor2866ax Virgor2866ax Firmware Virgor2866l Virgor2866l Firmware Virgor2866lac Virgor2866lac Firmware Virgor2866vac Virgor2866vac Firmware Virgor2915 Virgor2915 Firmware Virgor2915ac Virgor2915ac Firmware Virgor2925 Virgor2925 Firmware Virgor2925ac Virgor2925ac Firmware Virgor2925fn Virgor2925fn Firmware Virgor2925l Virgor2925l Firmware Virgor2925ln Virgor2925ln Firmware Virgor2925n Virgor2925n-plus Virgor2925n-plus Firmware Virgor2925n Firmware Virgor2925vac Virgor2925vac Firmware Virgor2925vn-plus Virgor2925vn-plus Firmware Virgor2926 Virgor2926 Firmware Virgor2926ac Virgor2926ac Firmware Virgor2926l Virgor2926l Firmware Virgor2926lac Virgor2926lac Firmware Virgor2926ln Virgor2926ln Firmware Virgor2926n Virgor2926n Firmware Virgor2926vac Virgor2926vac Firmware Virgor2927 Virgor2927 Firmware Virgor2927ac Virgor2927ac Firmware Virgor2927ax Virgor2927ax Firmware Virgor2927f Virgor2927f Firmware Virgor2927l Virgor2927l Firmware Virgor2927lac Virgor2927lac Firmware Virgor2927vac Virgor2927vac Firmware Virgor2952 Virgor2952 Firmware Virgor2952p Virgor2952p Firmware Virgor2962 Virgor2962 Firmware Virgor2962p Virgor2962p Firmware Virgor3220 Virgor3220 Firmware Virgor3910 Virgor3910 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:draytek:vigor2860_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:draytek:vigor2860n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860n:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:draytek:vigor2860n-plus_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860n-plus:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:draytek:vigor2860vn-plus_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860vn-plus:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:draytek:vigor2860ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860ac:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:draytek:vigor2860vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860vac:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:draytek:vigor2860l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860l:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:draytek:vigor2860ln_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2860ln:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:draytek:vigor2832n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2832n:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:draytek:vigor2766ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2766ax:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:draytek:vigor2765ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2765ax:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:draytek:vigor2765va_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2765va:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:draytek:vigor2763_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2763:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:draytek:vigor2763ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2763ac:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:draytek:vigor2135ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2135ax:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:draytek:vigor130_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigor130:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:draytek:vigornic_132_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:vigornic_132:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:draytek:virgor3910_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor3910:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:draytek:virgor3220_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor3220:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:draytek:virgor2962_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2962:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:draytek:virgor2962p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2962p:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:draytek:virgor1000b_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor1000b:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:draytek:virgor2952_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2952:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:draytek:virgor2952p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2952p:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:draytek:virgor2927_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:draytek:virgor2927ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927ax:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:draytek:virgor2927ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927ac:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:draytek:virgor2927vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927vac:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:draytek:virgor2927f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927f:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:draytek:virgor2927l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927l:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:draytek:virgor2927lac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2927lac:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:draytek:virgor2926_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:draytek:virgor2926n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926n:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:draytek:virgor2926ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926ac:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:draytek:virgor2926vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926vac:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:draytek:virgor2926l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926l:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:draytek:virgor2926ln_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926ln:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:draytek:virgor2926lac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2926lac:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:draytek:virgor2925_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925:-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:draytek:virgor2925n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925n:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:o:draytek:virgor2925n-plus_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925n-plus:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

cpe:2.3:o:draytek:virgor2925vn-plus_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925vn-plus:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

cpe:2.3:o:draytek:virgor2925ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925ac:-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

cpe:2.3:o:draytek:virgor2925vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925vac:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

cpe:2.3:o:draytek:virgor2925fn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925fn:-:*:*:*:*:*:*:*

Configuration 67 [-]

AND

cpe:2.3:o:draytek:virgor2925l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925l:-:*:*:*:*:*:*:*

Configuration 68 [-]

AND

cpe:2.3:o:draytek:virgor2925ln_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2925ln:-:*:*:*:*:*:*:*

Configuration 69 [-]

AND

cpe:2.3:o:draytek:virgor2915_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2915:-:*:*:*:*:*:*:*

Configuration 70 [-]

AND

cpe:2.3:o:draytek:virgor2915ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2915ac:-:*:*:*:*:*:*:*

Configuration 71 [-]

AND

cpe:2.3:o:draytek:virgor2866_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2866:-:*:*:*:*:*:*:*

Configuration 72 [-]

AND

cpe:2.3:o:draytek:virgor2866ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2866ax:-:*:*:*:*:*:*:*

Configuration 73 [-]

AND

cpe:2.3:o:draytek:virgor2866ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2866ac:-:*:*:*:*:*:*:*

Configuration 74 [-]

AND

cpe:2.3:o:draytek:virgor2866vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2866vac:-:*:*:*:*:*:*:*

Configuration 75 [-]

AND

cpe:2.3:o:draytek:virgor2866l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2866l:-:*:*:*:*:*:*:*

Configuration 76 [-]

AND

cpe:2.3:o:draytek:virgor2866lac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2866lac:-:*:*:*:*:*:*:*

Configuration 77 [-]

AND

cpe:2.3:o:draytek:virgor2865_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2865:-:*:*:*:*:*:*:*

Configuration 78 [-]

AND

cpe:2.3:o:draytek:virgor2865ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2865ax:-:*:*:*:*:*:*:*

Configuration 79 [-]

AND

cpe:2.3:o:draytek:virgor2865ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2865ac:-:*:*:*:*:*:*:*

Configuration 80 [-]

AND

cpe:2.3:o:draytek:virgor2865vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2865vac:-:*:*:*:*:*:*:*

Configuration 81 [-]

AND

cpe:2.3:o:draytek:virgor2865l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2865l:-:*:*:*:*:*:*:*

Configuration 82 [-]

AND

cpe:2.3:o:draytek:virgor2865lac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2865lac:-:*:*:*:*:*:*:*

Configuration 83 [-]

AND

cpe:2.3:o:draytek:virgor2862_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862:-:*:*:*:*:*:*:*

Configuration 84 [-]

AND

cpe:2.3:o:draytek:virgor2862n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862n:-:*:*:*:*:*:*:*

Configuration 85 [-]

AND

cpe:2.3:o:draytek:virgor2862ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862ac:-:*:*:*:*:*:*:*

Configuration 86 [-]

AND

cpe:2.3:o:draytek:virgor2862vac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862vac:-:*:*:*:*:*:*:*

Configuration 87 [-]

AND

cpe:2.3:o:draytek:virgor2862b_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862b:-:*:*:*:*:*:*:*

Configuration 88 [-]

AND

cpe:2.3:o:draytek:virgor2862bn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862bn:-:*:*:*:*:*:*:*

Configuration 89 [-]

AND

cpe:2.3:o:draytek:virgor2862l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862l:-:*:*:*:*:*:*:*

Configuration 90 [-]

AND

cpe:2.3:o:draytek:virgor2862ln_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862ln:-:*:*:*:*:*:*:*

Configuration 91 [-]

AND

cpe:2.3:o:draytek:virgor2862lac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:draytek:virgor2862lac:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.draytek.com/about/security-advisory/cross-site-scripting-vulnerability-%28cve-2023-23313%29/
https://www.horizonconsulting.com/advisories23-Multiple-XSS-Stored-in-DrayTek-routers-CVE-2023-23313

History

Fri, 07 Mar 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-03-03T00:00:00.000Z

Updated: 2025-03-07T16:33:57.302Z

Reserved: 2023-01-11T00:00:00.000Z

Link: CVE-2023-23313

Vulnrichment

Updated: 2024-08-02T10:28:40.675Z

NVD

Status : Modified

Published: 2023-03-03T22:15:09.690

Modified: 2025-03-07T17:15:16.473

Link: CVE-2023-23313

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object