Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for 24f2xg_router_firmware by kraftway
CVE-2018-15355 (GCVE-0-2018-15355)
Vulnerability from nvd – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- Usage of SSLv2 and SSLv3 leads to transmitted data decryption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway 24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15355",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:01.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15354 (GCVE-0-2018-15354)
Vulnerability from nvd – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- A Buffer Overflow exploited through web interface by remote attacker cause denial of service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway 24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A Buffer Overflow exploited through web interface by remote attacker cause denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker cause denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15354",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15353 (GCVE-0-2018-15353)
Vulnerability from nvd – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway 24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15353",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15352 (GCVE-0-2018-15352)
Vulnerability from nvd – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- Denial of service by an attacker with low privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway-24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.844Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service by an attacker with low privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service by an attacker with low privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15352",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:01.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15351 (GCVE-0-2018-15351)
Vulnerability from nvd – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- Denial of service via crafting malicious link and sending it to a privileged user
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway-24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service via crafting malicious link and sending it to a privileged user",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service via crafting malicious link and sending it to a privileged user"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15351",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:01.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15350 (GCVE-0-2018-15350)
Vulnerability from nvd – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router.
Severity ?
No CVSS data available.
CWE
- Router Default Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway-24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Router Default Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Router Default Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15350",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15354 (GCVE-0-2018-15354)
Vulnerability from cvelistv5 – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- A Buffer Overflow exploited through web interface by remote attacker cause denial of service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway 24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A Buffer Overflow exploited through web interface by remote attacker cause denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker cause denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15354",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15350 (GCVE-0-2018-15350)
Vulnerability from cvelistv5 – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router.
Severity ?
No CVSS data available.
CWE
- Router Default Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway-24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Router Default Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote attackers to get privileged access to the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Router Default Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-006-kraftway-24f2xg-router-default-credentials/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15350",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15353 (GCVE-0-2018-15353)
Vulnerability from cvelistv5 – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway 24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:03.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-009-kraftway-24f2xg-router-possible-remote-code-execution/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15353",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:03.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15352 (GCVE-0-2018-15352)
Vulnerability from cvelistv5 – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- Denial of service by an attacker with low privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway-24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.844Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service by an attacker with low privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service by an attacker with low privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-008-kraftway-24f2xg-router-denial-of-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15352",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:01.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15351 (GCVE-0-2018-15351)
Vulnerability from cvelistv5 – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- Denial of service via crafting malicious link and sending it to a privileged user
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway-24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service via crafting malicious link and sending it to a privileged user",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway-24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service via crafting malicious link and sending it to a privileged user"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-007-kraftway-24f2xg-router-denial-of-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15351",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:01.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15355 (GCVE-0-2018-15355)
Vulnerability from cvelistv5 – Published: 2018-08-17 14:00 – Updated: 2024-08-05 09:54
VLAI?
Summary
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118.
Severity ?
No CVSS data available.
CWE
- Usage of SSLv2 and SSLv3 leads to transmitted data decryption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | Kraftway |
Affected:
Kraftway 24F2XG Router firmware 3.5.30.1118
|
Date Public ?
2018-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:01.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kraftway",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
],
"datePublic": "2018-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-17T13:57:01.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2018-15355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kraftway",
"version": {
"version_data": [
{
"version_value": "Kraftway 24F2XG Router firmware 3.5.30.1118"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Usage of SSLv2 and SSLv3 leads to transmitted data decryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-011-kraftway-24f2xg-router-outdated-certificate-usage/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2018-15355",
"datePublished": "2018-08-17T14:00:00.000Z",
"dateReserved": "2018-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:54:01.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}