
CVE-2023-51736: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Hathway Skyworth Router CM5100

Severity: Medium
Published: Wed Jan 17 2024 (01/17/2024, 07:16:13 UTC)
Source: CVE Database V5
Vendor/Project: Hathway
Product: Skyworth Router CM5100

Description

This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user-supplied input for the L2TP/PPTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system.

AI-Powered Analysis

Last updated: 07/03/2025, 17:25:16 UTC

Technical Analysis

CVE-2023-51736 is a stored cross-site scripting (XSS) vulnerability in the Hathway Skyworth Router CM5100, specifically in firmware version 4.1.1.24. The web interface does not sufficiently validate or sanitize the L2TP/PPTP Username parameter, so an attacker can inject malicious scripts. The vulnerability is classified under CWE-79, improper neutralization of input during web page generation.

Exploitation requires the attacker to have some level of privileges (the CVSS vector requires privileges and user interaction), and the attack vector is network-based (remote). Because the XSS is stored, the malicious payload is saved on the device and executed when a legitimate user accesses the affected interface. This can lead to session hijacking, credential theft, or execution of arbitrary scripts in the context of the router's web management interface.

The CVSS v3.1 score is 6.9 (medium severity), reflecting a moderate impact on confidentiality and a high impact on integrity, with no impact on availability. The scope is changed, indicating that the vulnerability affects components beyond the initially vulnerable module. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability was published on January 17, 2024, and assigned by CERT-In.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to network infrastructure security. Routers like the Skyworth CM5100 are critical for managing network traffic and securing VPN connections (L2TP/PPTP). Exploitation could allow attackers to execute malicious scripts within the router's management interface, potentially leading to unauthorized access to router settings, interception of VPN credentials, or manipulation of network configurations. This could compromise the confidentiality and integrity of corporate networks, especially for organizations relying on these routers for remote access or VPN connectivity. The stored XSS nature means that once injected, the malicious script could affect multiple users accessing the router interface, increasing the risk of lateral movement or further compromise. Although the vulnerability does not directly impact availability, the indirect consequences of compromised router integrity could lead to service disruptions or data breaches. European organizations with remote workforce setups or those using these routers in branch offices are particularly at risk.

Mitigation Recommendations

1. Immediate mitigation should include restricting access to the router's web management interface to trusted networks only, preferably via VPN or secure management VLANs.
2. Implement strict input validation and sanitization on the L2TP/PPTP Username parameter at the application level; vendors should release a firmware update addressing this issue.
3. Network administrators should monitor router logs for unusual input patterns or repeated access attempts to the vulnerable parameter.
4. Employ web application firewalls (WAFs) or intrusion detection/prevention systems (IDS/IPS) capable of detecting and blocking XSS payloads targeting router management interfaces.
5. Enforce strong authentication mechanisms and consider multi-factor authentication for router access to reduce the risk posed by compromised credentials.
6. Regularly audit and update router firmware and configurations, and subscribe to vendor security advisories for timely patch deployment.
7. Educate network administrators on the risks of XSS in network devices and encourage prompt reporting and remediation of suspicious activity.
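
Mitigations 2 and 6 as an added example (this is not the vendor's firmware code and not part of the advisory): allowlist validation when the L2TP/PPTP username is saved, attribute-context encoding when it is rendered, and an audit of values already stored. The field names, the character allowlist, the 64-character limit and the sample input are assumptions made for illustration.

```python
import html
import re

# Assumed policy: VPN account names need only letters, digits and a few
# separators (covers user@realm and DOMAIN\user), at most 64 characters.
USERNAME_RE = re.compile(r"[A-Za-z0-9._@\\-]{1,64}")

# Constructed test input of the kind a stored-XSS check would use.
SAMPLE_PAYLOAD = '"><script>alert(1)</script>'


def validate_vpn_username(value: str) -> str:
    """Input side: reject anything outside the allowlist before storing it."""
    if not USERNAME_RE.fullmatch(value):
        raise ValueError("invalid L2TP/PPTP username")
    return value


def render_unsafe(username: str) -> str:
    """The flawed pattern (hypothetical): stored value concatenated as-is."""
    return '<input name="vpn_user" value="' + username + '">'


def render_safe(username: str) -> str:
    """Output side: encode for an HTML attribute context at render time,
    so a bad value already in storage is displayed as inert text."""
    return '<input name="vpn_user" value="' + html.escape(username, quote=True) + '">'


def audit_stored(settings: dict) -> list:
    """Return the *_username keys whose stored value fails the allowlist,
    e.g. when reviewing an exported configuration."""
    return sorted(
        key for key, value in settings.items()
        if key.endswith("_username") and not USERNAME_RE.fullmatch(value)
    )


if __name__ == "__main__":
    # Constructed settings export; key names are hypothetical.
    export = {"l2tp_username": SAMPLE_PAYLOAD,
              "pptp_username": "branch01@example.net",
              "wan_mode": "dhcp"}
    print("suspicious fields:", audit_stored(export))
    print("unsafe:", render_unsafe(SAMPLE_PAYLOAD))
    print("safe:  ", render_safe(SAMPLE_PAYLOAD))
```

Validation alone does not neutralize values saved before the check existed, which is why the render path encodes regardless of what the input path accepted.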


Technical Details

Data Version: 5.1
Assigner Short Name: CERT-In
Date Reserved: 2023-12-22T09:53:53.227Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 683dbfa6182aa0cae24982ca

Added to database: 6/2/2025, 3:13:42 PM

Last enriched: 7/3/2025, 5:25:16 PM

Last updated: 8/6/2025, 6:50:37 AM
