Search criteria
1 vulnerability found for b11 by chuango
VAR-201905-1153
Vulnerability from variot - Updated: 2024-11-23 22:25The Chuango 433 MHz burglar-alarm product line is vulnerable to a Denial of Service attack. When the condition is triggered, the OV2 base station is unable to process sensor states and effectively prevents the alarm from setting off, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System. plural Chuango The product contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Chuango Wifi Alarm System, etc. are a set of security alarm systems of China Chuango Company. Security flaws exist in several Chuango products. The following products and versions are affected: Chuango Wifi Alarm System (all versions); Chuango Wifi/Cellular Smart Home System H4 Plus (all versions); Wifi Alarm System AWV Plus (all versions); G5W 3G (all versions); GSM/SMS /RFID Touch Alarm System G5 Plus (all versions); Chuango GSM/SMS Alarm System G3 (all versions); G5W (all versions); Dual-Network Alarm System B11 (all versions); PSTN Alarm System A8 (all versions); PSTN/LCD/RFID Touch Alarm System A11 (all versions); CG-105S On-Site Alarm System (all versions)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1153",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h4 plus",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "cg-105s",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "a11",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "awv plus",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "b11",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "g5w",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "g5w 3g",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "g5 plus",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "g3",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "a8",
"scope": "eq",
"trust": 1.0,
"vendor": "chuango",
"version": "*"
},
{
"model": "a11",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "a8",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "awv plus",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "b11",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "cg-105s",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "g3",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "g5 plus",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "g5w 3g",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "g5w",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
},
{
"model": "h4 plus",
"scope": null,
"trust": 0.8,
"vendor": "chuango security corp",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:chuango:a11_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:a8_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:awv_plus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:b11_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:cg-105s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:g3_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:g5_plus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:g5w_3g_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:g5w_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:chuango:h4_plus_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
}
]
},
"cve": "CVE-2019-11561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2019-11561",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-143220",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2019-11561",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11561",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-11561",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-200",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-143220",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143220"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-200"
},
{
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Chuango 433 MHz burglar-alarm product line is vulnerable to a Denial of Service attack. When the condition is triggered, the OV2 base station is unable to process sensor states and effectively prevents the alarm from setting off, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System. plural Chuango The product contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Chuango Wifi Alarm System, etc. are a set of security alarm systems of China Chuango Company. Security flaws exist in several Chuango products. The following products and versions are affected: Chuango Wifi Alarm System (all versions); Chuango Wifi/Cellular Smart Home System H4 Plus (all versions); Wifi Alarm System AWV Plus (all versions); G5W 3G (all versions); GSM/SMS /RFID Touch Alarm System G5 Plus (all versions); Chuango GSM/SMS Alarm System G3 (all versions); G5W (all versions); Dual-Network Alarm System B11 (all versions); PSTN Alarm System A8 (all versions); PSTN/LCD/RFID Touch Alarm System A11 (all versions); CG-105S On-Site Alarm System (all versions)",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11561"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "VULHUB",
"id": "VHN-143220"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11561",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-200",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-143220",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143220"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-200"
},
{
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"id": "VAR-201905-1153",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-143220"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:25:56.017000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.chuango.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143220"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://github.com/riiecco/write-ups/tree/master/cve-2019-11561"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11561"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11561"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143220"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-200"
},
{
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-143220"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-200"
},
{
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-143220"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"date": "2019-05-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-200"
},
{
"date": "2019-05-08T16:29:00.407000",
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-143220"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004420"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-200"
},
{
"date": "2024-11-21T04:21:21.170000",
"db": "NVD",
"id": "CVE-2019-11561"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-200"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Chuango Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004420"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-200"
}
],
"trust": 0.6
}
}