Search
Find a vulnerability
Search criteria
1 vulnerability found for be126 by twsz
VAR-201805-1019
Vulnerability from variot - Updated: 2024-11-23 22:12Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. T&W WIFI Repeater BE126 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsT&WWIFIRepeaterBE126 is a wireless Internet repeater from China's Gongjin Electronics. A security vulnerability exists in GongjinElectronicsT&WWIFIRepeaterBE126 that was caused by the upgrade process failing to authenticate the firmware. An attacker could exploit the vulnerability as a newer firmware with maliciously crafted firmware
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "be126",
"scope": "eq",
"trust": 1.6,
"vendor": "twsz",
"version": null
},
{
"model": "be126",
"scope": null,
"trust": 0.8,
"vendor": "gongjin",
"version": null
},
{
"model": "electronics t\u0026w wifi repeater be126",
"scope": null,
"trust": 0.6,
"vendor": "gongjin",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:twsz:be126_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
}
]
},
"cve": "CVE-2018-9232",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-9232",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10144",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-139264",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-9232",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-9232",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-9232",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-10144",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-013",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-139264",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to the lack of firmware authentication in the upgrade process of T\u0026W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. T\u0026W WIFI Repeater BE126 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsT\u0026WWIFIRepeaterBE126 is a wireless Internet repeater from China\u0027s Gongjin Electronics. A security vulnerability exists in GongjinElectronicsT\u0026WWIFIRepeaterBE126 that was caused by the upgrade process failing to authenticate the firmware. An attacker could exploit the vulnerability as a newer firmware with maliciously crafted firmware",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9232",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-10144",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139264",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"id": "VAR-201805-1019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
}
],
"trust": 1.6375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
}
]
},
"last_update_date": "2024-11-23T22:12:31.657000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.twsz.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.digitalwhisper.co.il/files/zines/0x5e/dw94-3-repeater2.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9232"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9232"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"date": "2018-05-01T00:00:00",
"db": "VULHUB",
"id": "VHN-139264"
},
{
"date": "2018-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"date": "2018-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"date": "2018-05-01T18:29:00.633000",
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"date": "2018-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-139264"
},
{
"date": "2018-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"date": "2018-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"date": "2024-11-21T04:15:10.360000",
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "T\u0026W WIFI Repeater BE126 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
}
],
"trust": 0.6
}
}