Search criteria
7 vulnerabilities found for cubeone by ismartalarm
VAR-201712-0792
Vulnerability from variot - Updated: 2025-04-20 23:42Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file. iSmartAlarm CubeOne Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. iSmartAlarm CubeOne is a smart home central control device produced by iSmartAlarm in the United States. There are security vulnerabilities in the firmware of iSmartAlarm CubeOne 2.2.4.8 and earlier versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0792",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cubeone",
"scope": "lte",
"trust": 1.0,
"vendor": "ismartalarm",
"version": "2.2.4.8"
},
{
"model": "cubeone",
"scope": "lte",
"trust": 0.8,
"vendor": "ismart alarm",
"version": "2.2.4.8"
},
{
"model": "cubeone",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": "2.2.4.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
}
]
},
"cve": "CVE-2017-13664",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-13664",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-104309",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-13664",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-13664",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-13664",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1091",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-104309",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104309"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file. iSmartAlarm CubeOne Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. iSmartAlarm CubeOne is a smart home central control device produced by iSmartAlarm in the United States. There are security vulnerabilities in the firmware of iSmartAlarm CubeOne 2.2.4.8 and earlier versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13664"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "VULHUB",
"id": "VHN-104309"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13664",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1091",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-104309",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104309"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"id": "VAR-201712-0792",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-104309"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:42:03.417000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CubeOne",
"trust": 0.8,
"url": "https://www.ismartalarm.com/p/ISA00011/cubeone"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104309"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://poppopretn.com/2017/11/30/public-disclosure-firmware-vulnerabilities-in-ismartalarm-cubeone/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13664"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13664"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104309"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-104309"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-01T00:00:00",
"db": "VULHUB",
"id": "VHN-104309"
},
{
"date": "2017-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"date": "2017-12-01T17:29:00.277000",
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-18T00:00:00",
"db": "VULHUB",
"id": "VHN-104309"
},
{
"date": "2017-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010952"
},
{
"date": "2017-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1091"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-13664"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm CubeOne Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010952"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1091"
}
],
"trust": 0.6
}
}
VAR-201707-1216
Vulnerability from variot - Updated: 2025-04-20 23:35On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted in cleartext. iSmartAlarmcubedevices is a smart home device from iSmartAlarm. There are currently no detailed details of the vulnerability provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1216",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cube one",
"scope": null,
"trust": 1.2,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cubeone",
"scope": "eq",
"trust": 1.0,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cubeone",
"scope": null,
"trust": 0.8,
"vendor": "ismart alarm",
"version": null
},
{
"model": "cube one",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
}
]
},
"cve": "CVE-2017-7729",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7729",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-31140",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-115932",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7729",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-7729",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7729",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-7729",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-31140",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-554",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-115932",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "VULHUB",
"id": "VHN-115932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On iSmartAlarm cube devices, there is Incorrect Access Control because a \"new key\" is transmitted in cleartext. iSmartAlarmcubedevices is a smart home device from iSmartAlarm. There are currently no detailed details of the vulnerability provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "VULHUB",
"id": "VHN-115932"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7729",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-31140",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-115932",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "VULHUB",
"id": "VHN-115932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"id": "VAR-201707-1216",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "VULHUB",
"id": "VHN-115932"
}
],
"trust": 1.3666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
}
]
},
"last_update_date": "2025-04-20T23:35:48.078000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CubeOne",
"trust": 0.8,
"url": "https://www.ismartalarm.com/p/ISA00011/cubeone"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-311",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7729"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7729"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "VULHUB",
"id": "VHN-115932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "VULHUB",
"id": "VHN-115932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-115932"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"date": "2017-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"date": "2017-07-11T17:29:00.317000",
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-115932"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005529"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-554"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7729"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm cube Device Access Control Error Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31140"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-554"
}
],
"trust": 0.6
}
}
VAR-201712-0791
Vulnerability from variot - Updated: 2025-04-20 23:34Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key. iSmartAlarm CubeOne Contains an information disclosure vulnerability.Information may be obtained. iSmartAlarm CubeOne is a smart home central control device produced by iSmartAlarm in the United States. There are security vulnerabilities in the firmware of iSmartAlarm CubeOne 2.2.4.8 and earlier versions. An attacker could exploit this vulnerability to decrypt log files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0791",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cubeone",
"scope": "lte",
"trust": 1.0,
"vendor": "ismartalarm",
"version": "2.2.4.8"
},
{
"model": "cubeone",
"scope": "lte",
"trust": 0.8,
"vendor": "ismart alarm",
"version": "2.2.4.8"
},
{
"model": "cubeone",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": "2.2.4.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
}
]
},
"cve": "CVE-2017-13663",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-13663",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-104308",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-13663",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-13663",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-13663",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1092",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-104308",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key. iSmartAlarm CubeOne Contains an information disclosure vulnerability.Information may be obtained. iSmartAlarm CubeOne is a smart home central control device produced by iSmartAlarm in the United States. There are security vulnerabilities in the firmware of iSmartAlarm CubeOne 2.2.4.8 and earlier versions. An attacker could exploit this vulnerability to decrypt log files",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13663"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "VULHUB",
"id": "VHN-104308"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13663",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-104308",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"id": "VAR-201712-0791",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-104308"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:34:15.022000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CubeOne",
"trust": 0.8,
"url": "https://www.ismartalarm.com/p/ISA00011/cubeone"
},
{
"title": "iSmartAlarm CubeOne Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100000"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-312",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://poppopretn.com/2017/11/30/public-disclosure-firmware-vulnerabilities-in-ismartalarm-cubeone/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13663"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13663"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-104308"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-01T00:00:00",
"db": "VULHUB",
"id": "VHN-104308"
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"date": "2017-12-01T17:29:00.230000",
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-104308"
},
{
"date": "2017-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011018"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1092"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-13663"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm CubeOne Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011018"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1092"
}
],
"trust": 0.6
}
}
VAR-201707-1213
Vulnerability from variot - Updated: 2025-04-20 23:30iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability. iSmartAlarmcubedevices is a smart home device from iSmartAlarm. An information disclosure vulnerability exists in the iSmartAlarmcube device. A remote attack can exploit this vulnerability to obtain arbitrary passwords or personal data. [+] Credits: Ilia Shnaidman [+] Source: http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/
Vendor:
iSmartAlarm, inc.
Product:
iSmartAlarm cube - All versions
iSmartAlarm is one of the leading IoT manufactures in the domain of smart alarm systems. It provides a fully integrated alarm system with siren, smart cameras and locks. It functions like any alarm system, but with the benefits of a connected device: alerts pop up on your phone, offering you full remote control via mobile app wherever you are.
Attack Vectors:
An attacker can get any password/personal data by setting man in the middle sniffer attack with a fake certificate on port 8443.
Network Access:
Remote
Severity:
High
Disclosure Timeline:
Jan 30, 2017: Initial contact to vendor Feb 1, 2017: Vendor replied, requesting details Feb 2, 2017: Disclosure to vendor Apr 12, 2017: After vendor didn't replied, I've approached CERT Apr 13, 2017: Confirmed receipt by CERT and assigning CVEs July 05, 2017: Public disclosure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cubeone",
"scope": "eq",
"trust": 1.0,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cubeone",
"scope": null,
"trust": 0.8,
"vendor": "ismart alarm",
"version": null
},
{
"model": "cube devices",
"scope": null,
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cube one",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ilia Shnaidman",
"sources": [
{
"db": "PACKETSTORM",
"id": "143343"
}
],
"trust": 0.1
},
"cve": "CVE-2017-7726",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7726",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-32131",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-115929",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7726",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-7726",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7726",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-7726",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-32131",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-556",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-115929",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-7726",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "VULHUB",
"id": "VHN-115929"
},
{
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability. iSmartAlarmcubedevices is a smart home device from iSmartAlarm. An information disclosure vulnerability exists in the iSmartAlarmcube device. A remote attack can exploit this vulnerability to obtain arbitrary passwords or personal data. [+] Credits: Ilia Shnaidman\n[+] Source:\nhttp://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/\n\nVendor:\n=============\niSmartAlarm, inc. \n\n\nProduct:\n===========================\niSmartAlarm cube - All versions\n\niSmartAlarm is one of the leading IoT manufactures in the domain of smart alarm systems. \nIt provides a fully integrated alarm system with siren, smart cameras and locks. \nIt functions like any alarm system, but with the benefits of a connected device: alerts pop up on your phone,\noffering you full remote control via mobile app wherever you are. \n\n\nAttack Vectors:\n================\nAn attacker can get any password/personal data by setting man\nin the middle sniffer attack with a fake certificate on port 8443. \n\n\nNetwork Access:\n===============\nRemote\n\n\nSeverity:\n=========\nHigh\n\n\nDisclosure Timeline:\n=====================================\nJan 30, 2017: Initial contact to vendor\nFeb 1, 2017: Vendor replied, requesting details\nFeb 2, 2017: Disclosure to vendor\nApr 12, 2017: After vendor didn\u0027t replied, I\u0027ve approached CERT\nApr 13, 2017: Confirmed receipt by CERT and assigning CVEs\nJuly 05, 2017: Public disclosure\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7726"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "VULHUB",
"id": "VHN-115929"
},
{
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"db": "PACKETSTORM",
"id": "143343"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7726",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-556",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-32131",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "143343",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-115929",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143368",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-7726",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "VULHUB",
"id": "VHN-115929"
},
{
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "PACKETSTORM",
"id": "143343"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"id": "VAR-201707-1213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "VULHUB",
"id": "VHN-115929"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
}
]
},
"last_update_date": "2025-04-20T23:30:54.292000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CubeOne",
"trust": 0.8,
"url": "https://www.ismartalarm.com/p/ISA00011/cubeone"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115929"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7726"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7726"
},
{
"trust": 0.6,
"url": "https://www.ismartalarm.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/143368/ismartalarm-cubeone-remote-command-execution.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "VULHUB",
"id": "VHN-115929"
},
{
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "PACKETSTORM",
"id": "143343"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"db": "VULHUB",
"id": "VHN-115929"
},
{
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"db": "PACKETSTORM",
"id": "143343"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-115929"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"date": "2017-07-12T20:22:22",
"db": "PACKETSTORM",
"id": "143343"
},
{
"date": "2017-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"date": "2017-07-11T17:29:00.223000",
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32131"
},
{
"date": "2017-07-13T00:00:00",
"db": "VULHUB",
"id": "VHN-115929"
},
{
"date": "2017-07-13T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7726"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005527"
},
{
"date": "2021-08-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-556"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7726"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm cube Device certificate validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005527"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-556"
}
],
"trust": 0.6
}
}
VAR-201707-1215
Vulnerability from variot - Updated: 2025-04-20 23:30On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography. iSmartAlarm cube The device contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. iSmartAlarmcubedevices is a smart home device from iSmartAlarm. An authentication bypass vulnerability exists in the iSmartAlarmcube device. A remote attacker can exploit the vulnerability to execute commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1215",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cubeone",
"scope": "eq",
"trust": 1.0,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cubeone",
"scope": null,
"trust": 0.8,
"vendor": "ismart alarm",
"version": null
},
{
"model": "cube devices",
"scope": null,
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cube one",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
}
]
},
"cve": "CVE-2017-7728",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7728",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23946",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-115931",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7728",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7728",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7728",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-7728",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-23946",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-555",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-115931",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "VULHUB",
"id": "VHN-115931"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On iSmartAlarm cube devices, there is authentication bypass leading to remote execution of commands (e.g., setting the alarm on/off), related to incorrect cryptography. iSmartAlarm cube The device contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. iSmartAlarmcubedevices is a smart home device from iSmartAlarm. An authentication bypass vulnerability exists in the iSmartAlarmcube device. A remote attacker can exploit the vulnerability to execute commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7728"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "VULHUB",
"id": "VHN-115931"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7728",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-555",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-23946",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "143368",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97279",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97273",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-115931",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "VULHUB",
"id": "VHN-115931"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"id": "VAR-201707-1215",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "VULHUB",
"id": "VHN-115931"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
}
]
},
"last_update_date": "2025-04-20T23:30:54.262000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CubeOne",
"trust": 0.8,
"url": "https://www.ismartalarm.com/p/ISA00011/cubeone"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115931"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7728"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7728"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "VULHUB",
"id": "VHN-115931"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"db": "VULHUB",
"id": "VHN-115931"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-115931"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"date": "2017-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"date": "2017-07-11T17:29:00.287000",
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23946"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-115931"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005528"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-555"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7728"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm cube Cryptographic vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005528"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-555"
}
],
"trust": 0.6
}
}
VAR-201707-1217
Vulnerability from variot - Updated: 2025-04-20 23:19iSmartAlarm cube devices allow Denial of Service. Sending a SYN flood on port 12345 will freeze the "cube" and it will stop responding. iSmartAlarm cube The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker could use this vulnerability to cause a denial of service (device stops responding)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1217",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cubeone",
"scope": "eq",
"trust": 1.0,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cubeone",
"scope": null,
"trust": 0.8,
"vendor": "ismart alarm",
"version": null
},
{
"model": "cube devices",
"scope": null,
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
},
{
"model": "cube one",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
}
]
},
"cve": "CVE-2017-7730",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7730",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23947",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-115933",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7730",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-7730",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7730",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-7730",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-23947",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-553",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-115933",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-7730",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "VULHUB",
"id": "VHN-115933"
},
{
"db": "VULMON",
"id": "CVE-2017-7730"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm cube devices allow Denial of Service. Sending a SYN flood on port 12345 will freeze the \"cube\" and it will stop responding. iSmartAlarm cube The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker could use this vulnerability to cause a denial of service (device stops responding)",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7730"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "VULHUB",
"id": "VHN-115933"
},
{
"db": "VULMON",
"id": "CVE-2017-7730"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7730",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-553",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-23947",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-115933",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-7730",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "VULHUB",
"id": "VHN-115933"
},
{
"db": "VULMON",
"id": "CVE-2017-7730"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"id": "VAR-201707-1217",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "VULHUB",
"id": "VHN-115933"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
}
]
},
"last_update_date": "2025-04-20T23:19:54.016000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CubeOne",
"trust": 0.8,
"url": "https://www.ismartalarm.com/p/ISA00011/cubeone"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115933"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7730"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7730"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "VULHUB",
"id": "VHN-115933"
},
{
"db": "VULMON",
"id": "CVE-2017-7730"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"db": "VULHUB",
"id": "VHN-115933"
},
{
"db": "VULMON",
"id": "CVE-2017-7730"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-115933"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7730"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"date": "2017-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"date": "2017-07-11T17:29:00.347000",
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23947"
},
{
"date": "2017-07-13T00:00:00",
"db": "VULHUB",
"id": "VHN-115933"
},
{
"date": "2017-07-13T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7730"
},
{
"date": "2017-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005530"
},
{
"date": "2021-08-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-553"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7730"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm cube Vulnerability related to input validation on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005530"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-553"
}
],
"trust": 0.6
}
}
VAR-201811-0326
Vulnerability from variot - Updated: 2024-11-23 22:21Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device. iSmartAlarm Cube One Contains an information disclosure vulnerability.Information may be obtained. iSmartAlarm Cube One is a smart home control device from iSmartAlarm. The vulnerability stems from the program failing to perform proper access control. Sensitive information. Multiple vulnerabilities have been identified in the QBee Camera (CVE-2018-16223) and iSmartAlarm devices (CVE-2018-16222 & CVE-2018-16224) and/or companion applications.
https://blog.francescoservida.ch/2018/10/31/cve-2018-16222-to-16225-multiple-vulnerabilities-in-qbee-and-ismartalarm-products/
CVE-2018-16222
CVSS: 6.4 - AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Cleartext Storage of credentials in the iSmartAlermData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. [VulnerabilityType Other] Cleartext Storage in a File or on Disk [Vendor of Product] iSmartAlarm [Affected Product Code Base] iSmartAlarm - <= 2.0.8 [Affected Component] iSmartAlermData.xml [Attack Type] Physical [Impact Information Disclosure] true [Attack Vectors] Extraction of iSmartAlermData.xml by any mean [Has vendor confirmed or acknowledged the vulnerability?] True
CVE-2018-16223
CVSS: 6.4 - AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. [Vulnerability Type] Incorrect Access Control [Vendor of Product] iSmartAlarm [Affected Product Code Base] iSmartAlarm Cube One - <= 2.2.4.10 (Fixed version number not yet available) [Affected Component] Network Traffic, Diagnostic Informations [Attack Type] Remote [Impact Information Disclosure] true [Attack Vectors] A carefully crafted TCP request to port 12345 et 22306 [Has vendor confirmed or acknowledged the vulnerability?] true
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0326",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cubeone",
"scope": "lte",
"trust": 1.0,
"vendor": "ismartalarm",
"version": "2.2.4.10"
},
{
"model": "cubeone",
"scope": "lte",
"trust": 0.8,
"vendor": "ismart alarm",
"version": "2.2.4.10"
},
{
"model": "cube one",
"scope": "lte",
"trust": 0.6,
"vendor": "ismartalarm",
"version": "\u003c=2.2.4.10"
},
{
"model": "cubeone",
"scope": "eq",
"trust": 0.6,
"vendor": "ismartalarm",
"version": "2.2.4.10"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ismartalarm:cube_one_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Francesco Servida",
"sources": [
{
"db": "PACKETSTORM",
"id": "150165"
}
],
"trust": 0.1
},
"cve": "CVE-2018-16224",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-16224",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-05541",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-126562",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2018-16224",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-16224",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-16224",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-05541",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-086",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-126562",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "VULHUB",
"id": "VHN-126562"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device. iSmartAlarm Cube One Contains an information disclosure vulnerability.Information may be obtained. iSmartAlarm Cube One is a smart home control device from iSmartAlarm. The vulnerability stems from the program failing to perform proper access control. Sensitive information. Multiple vulnerabilities have been identified in the QBee Camera (CVE-2018-16223) and iSmartAlarm devices (CVE-2018-16222 \u0026 CVE-2018-16224) and/or companion applications. \n\nhttps://blog.francescoservida.ch/2018/10/31/cve-2018-16222-to-16225-multiple-vulnerabilities-in-qbee-and-ismartalarm-products/\n\n# CVE-2018-16222\n###############\n\nCVSS: 6.4 - AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nCleartext Storage of credentials in the iSmartAlermData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. \n[VulnerabilityType Other]\n Cleartext Storage in a File or on Disk\n[Vendor of Product]\n iSmartAlarm\n[Affected Product Code Base]\n iSmartAlarm - \u003c= 2.0.8\n[Affected Component]\n iSmartAlermData.xml\n[Attack Type]\n Physical\n[Impact Information Disclosure]\n true\n[Attack Vectors]\n Extraction of iSmartAlermData.xml by any mean\n[Has vendor confirmed or acknowledged the vulnerability?]\n True\n\n\n# CVE-2018-16223\n###############\n\nCVSS: 6.4 - AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nInsecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. \n[Vulnerability Type]\n Incorrect Access Control\n[Vendor of Product]\n iSmartAlarm\n[Affected Product Code Base]\n iSmartAlarm Cube One - \u003c= 2.2.4.10 (Fixed version number not yet available)\n[Affected Component]\n Network Traffic, Diagnostic Informations\n[Attack Type]\n Remote\n[Impact Information Disclosure]\n true\n[Attack Vectors]\n A carefully crafted TCP request to port 12345 et 22306\n[Has vendor confirmed or acknowledged the vulnerability?]\n true\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16224"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "VULHUB",
"id": "VHN-126562"
},
{
"db": "PACKETSTORM",
"id": "150165"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-16224",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "150165",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-05541",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-126562",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "VULHUB",
"id": "VHN-126562"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "PACKETSTORM",
"id": "150165"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"id": "VAR-201811-0326",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "VULHUB",
"id": "VHN-126562"
}
],
"trust": 1.3666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
}
]
},
"last_update_date": "2024-11-23T22:21:53.888000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.ismartalarm.com/"
},
{
"title": "Patch for iSmartAlarm Cube One Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/154707"
},
{
"title": "iSmartAlarm Cube One Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86608"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126562"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://packetstormsecurity.com/files/150165/qbee-camera-ismartalarm-credential-disclosure.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2018/nov/2"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16224"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16224"
},
{
"trust": 0.1,
"url": "https://blog.francescoservida.ch/2018/10/31/cve-2018-16222-to-16225-multiple-vulnerabilities-in-qbee-and-ismartalarm-products/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16223"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "VULHUB",
"id": "VHN-126562"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "PACKETSTORM",
"id": "150165"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "VULHUB",
"id": "VHN-126562"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"db": "PACKETSTORM",
"id": "150165"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"date": "2018-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-126562"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"date": "2018-11-05T20:47:02",
"db": "PACKETSTORM",
"id": "150165"
},
{
"date": "2018-11-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"date": "2018-11-20T19:29:00.557000",
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"date": "2018-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-126562"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012348"
},
{
"date": "2018-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-086"
},
{
"date": "2024-11-21T03:52:19.097000",
"db": "NVD",
"id": "CVE-2018-16224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iSmartAlarm Cube One Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05541"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-086"
}
],
"trust": 0.6
}
}