Search criteria
3 vulnerabilities found for dr-260 by westermo
VAR-201905-0837
Vulnerability from variot - Updated: 2024-11-23 23:08XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. Westermo DR-250 and DR-260 The router contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. A cross-site scripting vulnerability exists in the \342\200\230/cmdexec/cmdexe?cmd=\342\200\231 command console in the WestermoDR-260Router, WestermoDR-250Router, and WestermoMR-260Router (all firmware versions). The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code. Westermo DR-260 etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0837",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mr-260",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-250",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-260",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-250",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "dr-260",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "mr-260",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "dr-260 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
},
{
"model": "dr-250 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
},
{
"model": "mr-260 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:westermo:dr-250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:westermo:dr-260_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:westermo:mr-260_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
}
]
},
"cve": "CVE-2018-19614",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-19614",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-15543",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-130291",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-19614",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19614",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-19614",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-15543",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-977",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-130291",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "VULHUB",
"id": "VHN-130291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-977"
},
{
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. Westermo DR-250 and DR-260 The router contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. A cross-site scripting vulnerability exists in the \\342\\200\\230/cmdexec/cmdexe?cmd=\\342\\200\\231 command console in the WestermoDR-260Router, WestermoDR-250Router, and WestermoMR-260Router (all firmware versions). The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code. Westermo DR-260 etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19614"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "VULHUB",
"id": "VHN-130291"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19614",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-977",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-15543",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-130291",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "VULHUB",
"id": "VHN-130291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-977"
},
{
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"id": "VAR-201905-0837",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "VULHUB",
"id": "VHN-130291"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
}
]
},
"last_update_date": "2024-11-23T23:08:24.679000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.westermo.us/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://github.com/thewickerman/cve-disclosures/blob/master/cve-2018-19614.md"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19614"
},
{
"trust": 1.7,
"url": "https://www.westermo.us/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19614"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "VULHUB",
"id": "VHN-130291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-977"
},
{
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"db": "VULHUB",
"id": "VHN-130291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-977"
},
{
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"date": "2019-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-130291"
},
{
"date": "2019-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"date": "2019-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-977"
},
{
"date": "2019-05-23T20:29:00.233000",
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15543"
},
{
"date": "2019-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-130291"
},
{
"date": "2019-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015493"
},
{
"date": "2019-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-977"
},
{
"date": "2024-11-21T03:58:17.163000",
"db": "NVD",
"id": "CVE-2018-19614"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-977"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Westermo DR-250 and DR-260 Router cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015493"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-977"
}
],
"trust": 0.6
}
}
VAR-201905-0836
Vulnerability from variot - Updated: 2024-11-23 22:25Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. Westermo DR-250 and DR-260 The router contains a cross-site request forgery vulnerability.Information may be tampered with. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. Westermo DR-260 etc. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0836",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mr-260",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-250",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-260",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-250",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "dr-260",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "mr-260",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "dr-260 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
},
{
"model": "dr-250 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
},
{
"model": "mr-260 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:westermo:dr-250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:westermo:dr-260_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:westermo:mr-260_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
}
]
},
"cve": "CVE-2018-19613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-19613",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-15901",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-130290",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2018-19613",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19613",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-19613",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-15901",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-997",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-130290",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "VULHUB",
"id": "VHN-130290"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-997"
},
{
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. Westermo DR-250 and DR-260 The router contains a cross-site request forgery vulnerability.Information may be tampered with. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. Westermo DR-260 etc. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19613"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "VULHUB",
"id": "VHN-130290"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19613",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-997",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-15901",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-130290",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "VULHUB",
"id": "VHN-130290"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-997"
},
{
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"id": "VAR-201905-0836",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "VULHUB",
"id": "VHN-130290"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
}
]
},
"last_update_date": "2024-11-23T22:25:56.262000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.westermo.us/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130290"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/thewickerman/cve-disclosures/blob/master/cve-2018-19613.md"
},
{
"trust": 1.7,
"url": "https://www.westermo.us/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19613"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19613"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov//vuln/detail/cve-2018-19613"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "VULHUB",
"id": "VHN-130290"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-997"
},
{
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"db": "VULHUB",
"id": "VHN-130290"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-997"
},
{
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"date": "2019-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-130290"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"date": "2019-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-997"
},
{
"date": "2019-05-24T17:29:02.273000",
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15901"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-130290"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015498"
},
{
"date": "2019-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-997"
},
{
"date": "2024-11-21T03:58:17.003000",
"db": "NVD",
"id": "CVE-2018-19613"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-997"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Westermo DR-250 and DR-260 Router cross-site request forgery vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015498"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-997"
}
],
"trust": 0.6
}
}
VAR-201905-0835
Vulnerability from variot - Updated: 2024-11-23 22:12The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. Westermo DR-250 and DR-260 The router contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. Westermo DR-260 etc. A security vulnerability exists in the /uploadfile? function in the Westermo DR-260, DR-250, and MR-260
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0835",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mr-260",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-250",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-260",
"scope": "eq",
"trust": 1.0,
"vendor": "westermo",
"version": "*"
},
{
"model": "dr-250",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "dr-260",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "mr-260",
"scope": null,
"trust": 0.8,
"vendor": "westermo",
"version": null
},
{
"model": "dr-260 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
},
{
"model": "dr-250 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
},
{
"model": "mr-260 router",
"scope": null,
"trust": 0.6,
"vendor": "westermo",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:westermo:dr-250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:westermo:dr-260_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:westermo:mr-260_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
}
]
},
"cve": "CVE-2018-19612",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-19612",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-15900",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-130289",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-19612",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19612",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-19612",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-15900",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-995",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-130289",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "VULHUB",
"id": "VHN-130289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-995"
},
{
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. Westermo DR-250 and DR-260 The router contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. Westermo DR-260 etc. A security vulnerability exists in the /uploadfile? function in the Westermo DR-260, DR-250, and MR-260",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "VULHUB",
"id": "VHN-130289"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19612",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-995",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-15900",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-130289",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "VULHUB",
"id": "VHN-130289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-995"
},
{
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"id": "VAR-201905-0835",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "VULHUB",
"id": "VHN-130289"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
}
]
},
"last_update_date": "2024-11-23T22:12:01.613000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.westermo.us/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/thewickerman/cve-disclosures/blob/master/cve-2018-19612.md"
},
{
"trust": 1.7,
"url": "https://www.westermo.us/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19612"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19612"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov//vuln/detail/cve-2018-19612"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "VULHUB",
"id": "VHN-130289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-995"
},
{
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"db": "VULHUB",
"id": "VHN-130289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-995"
},
{
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"date": "2019-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-130289"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"date": "2019-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-995"
},
{
"date": "2019-05-24T17:29:02.227000",
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15900"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-130289"
},
{
"date": "2019-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015497"
},
{
"date": "2019-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-995"
},
{
"date": "2024-11-21T03:58:16.853000",
"db": "NVD",
"id": "CVE-2018-19612"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-995"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Westermo DR-250 and DR-260 Router unrestricted upload vulnerability type vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015497"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-995"
}
],
"trust": 0.6
}
}