CVE-2023-39429

Summary

CVE-2023-39429 is a cross-site scripting (XSS) vulnerability affecting various FURUNO SYSTEms wireless LAN access point models. Authenticated users can exploit this issue by injecting arbitrary scripts into the system via crafted configurations. The affected products include ACERA 1210, ACERA 1150i, ACERA 1150w, ACERA 1110, ACERA 1020, ACERA 1010, ACERA 950, ACERA 850F, ACERA 900, ACERA 850M, ACERA 810, and ACERA 800ST. These devices are susceptible when operating in ST (Standalone) mode, and their firmware versions prior to the ones listed above are impacted. Successful attacks could lead to unintended execution of malicious code and potential data theft. Users are advised to apply the necessary firmware updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.