Search criteria
7 vulnerabilities found for hg100 by asus
VAR-201908-1824
Vulnerability from variot - Updated: 2025-01-30 22:18A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). HG100 firmware Contains an access control vulnerability.Information may be obtained and information may be altered.
The ASUS SmartHome Gateway HG100 has a security vulnerability, allowing remote attackers to use the vulnerability to submit special requests, bypass security restrictions, and perform unauthorized requests, such as controlling devices. ASUS SmartHome Gateway HG100 is a smart home central control gateway device from ASUS, Taiwan
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-1824",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg100",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "4.00.09"
},
{
"model": "hg100",
"scope": "lte",
"trust": 0.8,
"vendor": "asustek computer",
"version": "4.00.06"
},
{
"model": "smarthome gateway hg100 version",
"scope": "lt",
"trust": 0.6,
"vendor": "asus",
"version": "4.00.09"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
}
]
},
"cve": "CVE-2019-11061",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-11061",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2020-22305",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-11061",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "twcert@cert.org.tw",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11061",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11061",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "twcert@cert.org.tw",
"id": "CVE-2019-11061",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-11061",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-22305",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-2172",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-11061",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). HG100 firmware Contains an access control vulnerability.Information may be obtained and information may be altered. \n\r\n\r\nThe ASUS SmartHome Gateway HG100 has a security vulnerability, allowing remote attackers to use the vulnerability to submit special requests, bypass security restrictions, and perform unauthorized requests, such as controlling devices. ASUS SmartHome Gateway HG100 is a smart home central control gateway device from ASUS, Taiwan",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"db": "VULMON",
"id": "CVE-2019-11061"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11061",
"trust": 3.2
},
{
"db": "TWCERT",
"id": "TVN-201906003",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-22305",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-11061",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"id": "VAR-201908-1824",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-22305"
}
],
"trust": 1.47631578
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "smart home device",
"trust": 0.1
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "gateway",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-22305"
}
]
},
"last_update_date": "2025-01-30T22:18:16.839000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ASUS SmartHome Gateway (HG100)",
"trust": 0.8,
"url": "https://www.asus.com/sg/Internet-of-Things/ASUS-SmartHome-Gateway-HG100/"
},
{
"title": "Patch for ASUS SmartHome Gateway HG100 access control bypass vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/213455"
},
{
"title": "ASUS SmartHome Gateway HG100 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97655"
},
{
"title": "ASUS-SmartHome-Exploit",
"trust": 0.1,
"url": "https://github.com/tim124058/ASUS-SmartHome-Exploit "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000S/PoC-in-GitHub "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/PoC-in-GitHub "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://github.com/tim124058/asus-smarthome-exploit/"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11061"
},
{
"trust": 1.7,
"url": "https://tvn.twcert.org.tw/taiwanvn/tvn-201906003"
},
{
"trust": 1.7,
"url": "http://surl.twcert.org.tw/5df6x"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11061"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/tim124058/asus-smarthome-exploit"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"date": "2019-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"date": "2019-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"date": "2019-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"date": "2019-08-29T01:15:10.930000",
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-22305"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11061"
},
{
"date": "2019-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008723"
},
{
"date": "2020-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2172"
},
{
"date": "2024-11-21T04:20:27.743000",
"db": "NVD",
"id": "CVE-2019-11061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HG100 firmware Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008723"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2172"
}
],
"trust": 0.6
}
}
VAR-201912-1498
Vulnerability from variot - Updated: 2025-01-30 21:46An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages. plural ASUS The product contains a vulnerability in transmitting sensitive information in the clear.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. ASUS SmartHome Gateway HG100 and other products are products of ASUS, Taiwan. ASUS SmartHome Gateway HG100 is a smart home central control gateway device. ASUS WS-101 is a smart switch sensor. TS-101 is a temperature / humidity sensor.
There are security vulnerabilities in ASUS SmartHome Gateway HG100 version 1.05.12, WS-101 version 1.05.12 and TS-101 version 1.05.12 (using ZigBee PRO), which originated from the program's insecure transmission of keys
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1498",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ms-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ws-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "hg100",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "mw100",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ts-101",
"scope": "eq",
"trust": 1.6,
"vendor": "asus",
"version": null
},
{
"model": "as-101",
"scope": "eq",
"trust": 1.6,
"vendor": "asus",
"version": null
},
{
"model": "dl-101",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": null
},
{
"model": "as101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "dl101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "hg100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ms-101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "mw100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ts101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ws101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "smarthome gateway hg100",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "smarthome gateway ws-101",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "smarthome gateway ts-101",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:as-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:dl-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ms-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:mw100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ts-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ws-101_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
}
]
},
"cve": "CVE-2019-15911",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-15911",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-03055",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15911",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-15911",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15911",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-15911",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-03055",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-963",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages. plural ASUS The product contains a vulnerability in transmitting sensitive information in the clear.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. ASUS SmartHome Gateway HG100 and other products are products of ASUS, Taiwan. ASUS SmartHome Gateway HG100 is a smart home central control gateway device. ASUS WS-101 is a smart switch sensor. TS-101 is a temperature / humidity sensor. \n\nThere are security vulnerabilities in ASUS SmartHome Gateway HG100 version 1.05.12, WS-101 version 1.05.12 and TS-101 version 1.05.12 (using ZigBee PRO), which originated from the program\u0027s insecure transmission of keys",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15911"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "CNVD",
"id": "CNVD-2020-03055"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15911",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03055",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-963",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"id": "VAR-201912-1498",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03055"
}
],
"trust": 1.47631578
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "smart home device",
"trust": 0.1
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "gateway",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03055"
}
]
},
"last_update_date": "2025-01-30T21:46:12.807000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.asus.com/sg/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-319",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/chengcheng227/cve-poc/blob/master/cve-2019-15911.md"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15911"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15911"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"date": "2020-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"date": "2019-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"date": "2019-12-20T17:15:11.347000",
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03055"
},
{
"date": "2020-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013946"
},
{
"date": "2020-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-963"
},
{
"date": "2024-11-21T04:29:42.660000",
"db": "NVD",
"id": "CVE-2019-15911"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural ASUS Vulnerability in sending clear information of important information in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013946"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-963"
}
],
"trust": 0.6
}
}
VAR-201912-1499
Vulnerability from variot - Updated: 2025-01-30 21:08An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks. plural ASUS The product contains an input validation vulnerability.Denial of service (DoS) May be in a state. ASUS SmartHome Gateway HG100 and other products are products of ASUS, Taiwan. ASUS SmartHome Gateway HG100 is a smart home central control gateway device. ASUS WS-101 is a smart switch sensor. TS-101 is a temperature / humidity sensor.
There are security vulnerabilities in ASUS SmartHome Gateway HG100 version 1.05.12, WS-101 version 1.05.12, and TS-101 version 1.05.12 (using ZigBee PRO). An attacker could use this vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1499",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dl-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ms-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ws-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "mw100",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "as-101",
"scope": "eq",
"trust": 1.6,
"vendor": "asus",
"version": null
},
{
"model": "hg100",
"scope": "eq",
"trust": 1.6,
"vendor": "asus",
"version": null
},
{
"model": "ts-101",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": null
},
{
"model": "as101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "dl101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "hg100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ms-101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "mw100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ts101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ws101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "smarthome gateway hg100",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "smarthome gateway ws-101",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "smarthome gateway ts-101",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:as-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:dl-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ms-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:mw100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ts-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ws-101_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
}
]
},
"cve": "CVE-2019-15912",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-15912",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-03054",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15912",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-15912",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15912",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-15912",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-03054",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-964",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks. plural ASUS The product contains an input validation vulnerability.Denial of service (DoS) May be in a state. ASUS SmartHome Gateway HG100 and other products are products of ASUS, Taiwan. ASUS SmartHome Gateway HG100 is a smart home central control gateway device. ASUS WS-101 is a smart switch sensor. TS-101 is a temperature / humidity sensor. \n\nThere are security vulnerabilities in ASUS SmartHome Gateway HG100 version 1.05.12, WS-101 version 1.05.12, and TS-101 version 1.05.12 (using ZigBee PRO). An attacker could use this vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15912"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "CNVD",
"id": "CNVD-2020-03054"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15912",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03054",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-964",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"id": "VAR-201912-1499",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03054"
}
],
"trust": 1.47631578
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "smart home device",
"trust": 0.1
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "gateway",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03054"
}
]
},
"last_update_date": "2025-01-30T21:08:45.315000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.asus.com/sg/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/chengcheng227/cve-poc/blob/master/cve-2019-15912_1.md"
},
{
"trust": 2.4,
"url": "https://github.com/chengcheng227/cve-poc/blob/master/cve-2019-15912_2.md"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15912"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15912"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"date": "2020-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"date": "2019-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"date": "2019-12-20T17:15:11.427000",
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03054"
},
{
"date": "2020-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013868"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-964"
},
{
"date": "2024-11-21T04:29:42.807000",
"db": "NVD",
"id": "CVE-2019-15912"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural ASUS Input validation vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013868"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-964"
}
],
"trust": 0.6
}
}
VAR-201807-0761
Vulnerability from variot - Updated: 2024-11-23 22:48ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. ASUS HG100 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSHG100 is a home intelligence monitoring device from ASUS. A command execution vulnerability exists in ASUSHG100 using firmware prior to 1.05.12. A remote attacker can exploit the vulnerability to execute commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-0761",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg100",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "hg100",
"scope": "lt",
"trust": 0.8,
"vendor": "asustek computer",
"version": "1.05.12"
},
{
"model": "hg100",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
}
]
},
"cve": "CVE-2018-11491",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-11491",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17185",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-11491",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-11491",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-11491",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-17185",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1849",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-11491",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "VULMON",
"id": "CVE-2018-11491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
},
{
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. ASUS HG100 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSHG100 is a home intelligence monitoring device from ASUS. A command execution vulnerability exists in ASUSHG100 using firmware prior to 1.05.12. A remote attacker can exploit the vulnerability to execute commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "VULMON",
"id": "CVE-2018-11491"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11491",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-17185",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "40568",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1849",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-11491",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "VULMON",
"id": "CVE-2018-11491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
},
{
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"id": "VAR-201807-0761",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
}
],
"trust": 1.15263156
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
}
]
},
"last_update_date": "2024-11-23T22:48:40.892000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartHome Gateway HG100: Security Update",
"trust": 0.8,
"url": "https://www.asus.com/tw/News/qnEosWKPVDpmOeqL"
},
{
"title": "ASUSHG100 command to execute a patch for the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/139109"
},
{
"title": "ASUS HG100 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82627"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.asus.com/tw/news/qneoswkpvdpmoeql"
},
{
"trust": 1.1,
"url": "https://mars-cheng.github.io/blog/2018/cve-2018-11491/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11491"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11491"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/40568"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "VULMON",
"id": "CVE-2018-11491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
},
{
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"db": "VULMON",
"id": "CVE-2018-11491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
},
{
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"date": "2018-07-25T00:00:00",
"db": "VULMON",
"id": "CVE-2018-11491"
},
{
"date": "2018-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"date": "2018-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1849"
},
{
"date": "2018-07-25T13:29:00.267000",
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17185"
},
{
"date": "2018-09-20T00:00:00",
"db": "VULMON",
"id": "CVE-2018-11491"
},
{
"date": "2018-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008457"
},
{
"date": "2018-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1849"
},
{
"date": "2024-11-21T03:43:28.580000",
"db": "NVD",
"id": "CVE-2018-11491"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS HG100 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008457"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1849"
}
],
"trust": 0.6
}
}
VAR-201808-0559
Vulnerability from variot - Updated: 2024-11-23 22:11ASUS HG100 devices allow denial of service via an IPv4 packet flood. ASUS HG100 The device contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. ASUSHG100 is a home intelligence monitoring device from ASUS. A denial of service vulnerability exists in ASUSHG100. There is a security flaw in the ASUS HG100
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0559",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg100",
"scope": "eq",
"trust": 1.6,
"vendor": "asus",
"version": null
},
{
"model": "hg100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "hg100",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "YinT Wang,Yint Wang",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
}
],
"trust": 0.6
},
"cve": "CVE-2018-11492",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-11492",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-15918",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-121357",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-11492",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-11492",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-11492",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-15918",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-296",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121357",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "VULHUB",
"id": "VHN-121357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS HG100 devices allow denial of service via an IPv4 packet flood. ASUS HG100 The device contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. ASUSHG100 is a home intelligence monitoring device from ASUS. A denial of service vulnerability exists in ASUSHG100. There is a security flaw in the ASUS HG100",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11492"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "VULHUB",
"id": "VHN-121357"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11492",
"trust": 3.1
},
{
"db": "EXPLOIT-DB",
"id": "46720",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "152542",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-296",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-15918",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-121357",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "VULHUB",
"id": "VHN-121357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"id": "VAR-201808-0559",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "VULHUB",
"id": "VHN-121357"
}
],
"trust": 1.25263156
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
}
]
},
"last_update_date": "2024-11-23T22:11:51.079000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ASUS SmartHome Gateway (HG100)",
"trust": 0.8,
"url": "https://www.asus.com/sg/Internet-of-Things/ASUS-SmartHome-Gateway-HG100/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://mars-cheng.github.io/blog/2018/cve-2018-11492/"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/152542/asus-hg100-denial-of-service.html"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/46720/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11492"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11492"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/46720"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "VULHUB",
"id": "VHN-121357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"db": "VULHUB",
"id": "VHN-121357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"date": "2018-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-121357"
},
{
"date": "2018-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"date": "2018-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"date": "2018-08-10T16:29:00.233000",
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15918"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-121357"
},
{
"date": "2018-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008927"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-296"
},
{
"date": "2024-11-21T03:43:28.710000",
"db": "NVD",
"id": "CVE-2018-11492"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS HG100 Vulnerabilities related to resource management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008927"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-296"
}
],
"trust": 0.6
}
}
VAR-201908-1823
Vulnerability from variot - Updated: 2024-11-23 22:11The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). ASUS HG100 The firmware contains a vulnerability related to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. ASUS SmartHome Gateway HG100 is a smart home central control gateway device from Taiwan ASUS (ASUS). A security vulnerability exists in the web api server on port 8080 in the ASUS SmartHome Gateway HG100 using firmware version 1.05.12 and earlier. An attacker could exploit the vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-1823",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg100",
"scope": "lte",
"trust": 1.0,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "hg100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "smarthome gateway hg100",
"scope": "lte",
"trust": 0.6,
"vendor": "asus",
"version": "\u003c=1.05.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
}
]
},
"cve": "CVE-2019-11060",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-11060",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-30714",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-142669",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-11060",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "twcert@cert.org.tw",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-11060",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-11060",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-11060",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "twcert@cert.org.tw",
"id": "CVE-2019-11060",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-11060",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-30714",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-2171",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-142669",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-11060",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "VULHUB",
"id": "VHN-142669"
},
{
"db": "VULMON",
"id": "CVE-2019-11060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2171"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). ASUS HG100 The firmware contains a vulnerability related to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. ASUS SmartHome Gateway HG100 is a smart home central control gateway device from Taiwan ASUS (ASUS). A security vulnerability exists in the web api server on port 8080 in the ASUS SmartHome Gateway HG100 using firmware version 1.05.12 and earlier. An attacker could exploit the vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-11060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "VULHUB",
"id": "VHN-142669"
},
{
"db": "VULMON",
"id": "CVE-2019-11060"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-11060",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "46720",
"trust": 2.4
},
{
"db": "TWCERT",
"id": "TVN-201906002",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2171",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-30714",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142669",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-11060",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "VULHUB",
"id": "VHN-142669"
},
{
"db": "VULMON",
"id": "CVE-2019-11060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2171"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"id": "VAR-201908-1823",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "VULHUB",
"id": "VHN-142669"
}
],
"trust": 1.47631578
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
}
]
},
"last_update_date": "2024-11-23T22:11:51.047000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ASUS SmartHome Gateway (HG100)",
"trust": 0.8,
"url": "https://www.asus.com/sg/Internet-of-Things/ASUS-SmartHome-Gateway-HG100/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.9
},
{
"problemtype": "CWE-770",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142669"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.exploit-db.com/exploits/46720"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11060"
},
{
"trust": 1.8,
"url": "http://surl.twcert.org.tw/aarvj"
},
{
"trust": 1.8,
"url": "https://tvn.twcert.org.tw/taiwanvn/tvn-201906002"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11060"
},
{
"trust": 0.8,
"url": "https://twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026id=41"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/770.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "VULHUB",
"id": "VHN-142669"
},
{
"db": "VULMON",
"id": "CVE-2019-11060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2171"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"db": "VULHUB",
"id": "VHN-142669"
},
{
"db": "VULMON",
"id": "CVE-2019-11060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2171"
},
{
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"date": "2019-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-142669"
},
{
"date": "2019-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11060"
},
{
"date": "2019-09-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"date": "2019-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2171"
},
{
"date": "2019-08-29T01:15:10.850000",
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-30714"
},
{
"date": "2020-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-142669"
},
{
"date": "2020-10-02T00:00:00",
"db": "VULMON",
"id": "CVE-2019-11060"
},
{
"date": "2019-09-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008839"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2171"
},
{
"date": "2024-11-21T04:20:27.620000",
"db": "NVD",
"id": "CVE-2019-11060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2171"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS HG100 Vulnerability related to resource depletion in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008839"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2171"
}
],
"trust": 0.6
}
}
VAR-201912-1497
Vulnerability from variot - Updated: 2024-11-23 22:05An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack. plural ASUS The product contains an input validation vulnerability.Denial of service (DoS) May be in a state. ASUS SmartHome Gateway HG100 and other products are products of ASUS, Taiwan. ASUS SmartHome Gateway HG100 is a smart home central control gateway device. ASUS WS-101 is a smart switch sensor. TS-101 is a temperature / humidity sensor.
There are security vulnerabilities in ASUS SmartHome Gateway HG100 version 1.05.12, WS-101 version 1.05.12, and TS-101 version 1.05.12 (using ZigBee PRO)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1497",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dl-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ms-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ts-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "ws-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "as-101",
"scope": "eq",
"trust": 2.2,
"vendor": "asus",
"version": null
},
{
"model": "mw100",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": null
},
{
"model": "hg100",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": null
},
{
"model": "as101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "dl101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "hg100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ms-101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "mw100",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ts101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "ws101",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "smarthome gateway hg100",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "smarthome gateway ws-101",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
},
{
"model": "smarthome gateway ts-101",
"scope": "eq",
"trust": 0.6,
"vendor": "asus",
"version": "1.05.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:asus:as-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:dl-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:hg100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ms-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:mw100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ts-101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:asus:ws-101_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
}
]
},
"cve": "CVE-2019-15910",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-15910",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-03056",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15910",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-15910",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15910",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-15910",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-03056",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-961",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the \"discover ZigBee network procedure\" to perform a denial of service attack. plural ASUS The product contains an input validation vulnerability.Denial of service (DoS) May be in a state. ASUS SmartHome Gateway HG100 and other products are products of ASUS, Taiwan. ASUS SmartHome Gateway HG100 is a smart home central control gateway device. ASUS WS-101 is a smart switch sensor. TS-101 is a temperature / humidity sensor. \n\nThere are security vulnerabilities in ASUS SmartHome Gateway HG100 version 1.05.12, WS-101 version 1.05.12, and TS-101 version 1.05.12 (using ZigBee PRO)",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15910"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "CNVD",
"id": "CNVD-2020-03056"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15910",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03056",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-961",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"id": "VAR-201912-1497",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
}
],
"trust": 1.37631578
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
}
]
},
"last_update_date": "2024-11-23T22:05:51.959000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.asus.com/sg/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/chengcheng227/cve-poc/blob/master/cve-2019-15910.md"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15910"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15910"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"date": "2019-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"date": "2019-12-20T17:15:11.237000",
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03056"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014184"
},
{
"date": "2019-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-961"
},
{
"date": "2024-11-21T04:29:42.510000",
"db": "NVD",
"id": "CVE-2019-15910"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural ASUS Input validation vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014184"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-961"
}
],
"trust": 0.6
}
}