GCVE - cpe:2.3:o:castlenet:cbw383g2n_firmware:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:castlenet:cbw383g2n_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Castlenet (`fc078461-6360-563f-982f-ac3396998b88`)
Product	Cbw383G2N Firmware (`bfa294a3-37a9-5ffe-a9fb-2441a93608b1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-2213`	vulnerable	2026-06-08 07:16:56.410337	Castlenet CBW383G2N Wireless Menu wlanPrimaryNetwork.asp cross site scripting LOW (2.4) A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input <img/src/onerror=prompt(8)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-03-11T23:00:07.686Z Updated: 2025-03-12T13:41:14.626Z Open on db.gcve.eu Reference links https://vuldb.com/?id.299284 https://vuldb.com/?ctiid.299284 https://vuldb.com/?submit.511882	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-2212`	vulnerable	2026-06-08 07:16:56.408501	Castlenet CBW383G2N RgSwInfo.asp cross site scripting LOW (2.4) A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been classified as problematic. This affects an unknown part of the file /RgSwInfo.asp. The manipulation of the argument Description with the input <img/src/onerror=prompt(8)> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-03-11T22:31:04.054Z Updated: 2025-03-12T13:42:08.149Z Open on db.gcve.eu Reference links https://vuldb.com/?id.299283 https://vuldb.com/?ctiid.299283 https://vuldb.com/?submit.511873	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.