Search
Find a vulnerability
Search criteria
6 vulnerabilities found for felcom_500_firmware by furuno
CVE-2018-16705 (GCVE-0-2018-16705)
Vulnerability from nvd – Published: 2018-09-10 17:00 – Updated: 2024-08-05 10:32
VLAI
EPSS
VEX
Summary
FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system's usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberskr.com/blog/furuno-felcom.html | x_refsource_MISC |
| https://gist.github.com/CyberSKR/c00eabd6b1d5603d… | x_refsource_MISC |
Date Public
2018-09-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:32:53.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system\u0027s usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system\u0027s usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberskr.com/blog/furuno-felcom.html",
"refsource": "MISC",
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"name": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31",
"refsource": "MISC",
"url": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16705",
"datePublished": "2018-09-10T17:00:00.000Z",
"dateReserved": "2018-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:32:53.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16591 (GCVE-0-2018-16591)
Vulnerability from nvd – Published: 2018-09-10 17:00 – Updated: 2024-08-05 10:24
VLAI
EPSS
VEX
Summary
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected "SMS" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberskr.com/blog/furuno-felcom.html | x_refsource_MISC |
| https://gist.github.com/CyberSKR/2c30d964d48b5e15… | x_refsource_MISC |
Date Public
2018-09-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:33.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected \"SMS\" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected \"SMS\" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberskr.com/blog/furuno-felcom.html",
"refsource": "MISC",
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"name": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710",
"refsource": "MISC",
"url": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16591",
"datePublished": "2018-09-10T17:00:00.000Z",
"dateReserved": "2018-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:24:33.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16590 (GCVE-0-2018-16590)
Vulnerability from nvd – Published: 2018-09-06 23:00 – Updated: 2024-08-05 10:24
VLAI
EPSS
VEX
Summary
FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberskr.com/blog/furuno-felcom.html | x_refsource_MISC |
| https://gist.github.com/CyberSKR/34a8d6be7646a4bf… | x_refsource_MISC |
Date Public
2018-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberskr.com/blog/furuno-felcom.html",
"refsource": "MISC",
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"name": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f",
"refsource": "MISC",
"url": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16590",
"datePublished": "2018-09-06T23:00:00.000Z",
"dateReserved": "2018-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:24:32.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16705 (GCVE-0-2018-16705)
Vulnerability from cvelistv5 – Published: 2018-09-10 17:00 – Updated: 2024-08-05 10:32
VLAI
EPSS
VEX
Summary
FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system's usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberskr.com/blog/furuno-felcom.html | x_refsource_MISC |
| https://gist.github.com/CyberSKR/c00eabd6b1d5603d… | x_refsource_MISC |
Date Public
2018-09-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:32:53.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system\u0027s usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated access to the xml/permission.xml file containing all of the system\u0027s usernames and passwords. This includes the Admin and Service user accounts and their unsalted MD5 hashes, as well as the SMS server password in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberskr.com/blog/furuno-felcom.html",
"refsource": "MISC",
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"name": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31",
"refsource": "MISC",
"url": "https://gist.github.com/CyberSKR/c00eabd6b1d5603d724b615ab358ff31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16705",
"datePublished": "2018-09-10T17:00:00.000Z",
"dateReserved": "2018-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:32:53.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16591 (GCVE-0-2018-16591)
Vulnerability from cvelistv5 – Published: 2018-09-10 17:00 – Updated: 2024-08-05 10:24
VLAI
EPSS
VEX
Summary
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected "SMS" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberskr.com/blog/furuno-felcom.html | x_refsource_MISC |
| https://gist.github.com/CyberSKR/2c30d964d48b5e15… | x_refsource_MISC |
Date Public
2018-09-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:33.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected \"SMS\" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected \"SMS\" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberskr.com/blog/furuno-felcom.html",
"refsource": "MISC",
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"name": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710",
"refsource": "MISC",
"url": "https://gist.github.com/CyberSKR/2c30d964d48b5e1518ded88bd953b710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16591",
"datePublished": "2018-09-10T17:00:00.000Z",
"dateReserved": "2018-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:24:33.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16590 (GCVE-0-2018-16590)
Vulnerability from cvelistv5 – Published: 2018-09-06 23:00 – Updated: 2024-08-05 10:24
VLAI
EPSS
VEX
Summary
FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cyberskr.com/blog/furuno-felcom.html | x_refsource_MISC |
| https://gist.github.com/CyberSKR/34a8d6be7646a4bf… | x_refsource_MISC |
Date Public
2018-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cyberskr.com/blog/furuno-felcom.html",
"refsource": "MISC",
"url": "https://cyberskr.com/blog/furuno-felcom.html"
},
{
"name": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f",
"refsource": "MISC",
"url": "https://gist.github.com/CyberSKR/34a8d6be7646a4bfd4df455f9f52500f"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16590",
"datePublished": "2018-09-06T23:00:00.000Z",
"dateReserved": "2018-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:24:32.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}