Search criteria
2 vulnerabilities found for p0_router_firmware by 360
CVE-2019-3404 (GCVE-0-2019-3404)
Vulnerability from nvd – Published: 2020-03-04 13:01 – Updated: 2024-08-04 19:12
VLAI
Summary
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
Severity
No CVSS data available.
CWE
- Improper Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.360.cn/News/news/id/218.html | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| 360 Security Technology, Inc. | 360 Router F5C |
Affected:
360POP-F5C-V3.1.1.65150
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "360 Router F5C",
"vendor": "360 Security Technology, Inc.",
"versions": [
{
"status": "affected",
"version": "360POP-F5C-V3.1.1.65150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T13:01:17.000Z",
"orgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"shortName": "360ST"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@360.cn",
"ID": "CVE-2019-3404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "360 Router F5C",
"version": {
"version_data": [
{
"version_value": "360POP-F5C-V3.1.1.65150"
}
]
}
}
]
},
"vendor_name": "360 Security Technology, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.360.cn/News/news/id/218.html",
"refsource": "CONFIRM",
"url": "https://security.360.cn/News/news/id/218.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"assignerShortName": "360ST",
"cveId": "CVE-2019-3404",
"datePublished": "2020-03-04T13:01:17.000Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:12:09.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3404 (GCVE-0-2019-3404)
Vulnerability from cvelistv5 – Published: 2020-03-04 13:01 – Updated: 2024-08-04 19:12
VLAI
Summary
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
Severity
No CVSS data available.
CWE
- Improper Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.360.cn/News/news/id/218.html | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| 360 Security Technology, Inc. | 360 Router F5C |
Affected:
360POP-F5C-V3.1.1.65150
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "360 Router F5C",
"vendor": "360 Security Technology, Inc.",
"versions": [
{
"status": "affected",
"version": "360POP-F5C-V3.1.1.65150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T13:01:17.000Z",
"orgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"shortName": "360ST"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@360.cn",
"ID": "CVE-2019-3404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "360 Router F5C",
"version": {
"version_data": [
{
"version_value": "360POP-F5C-V3.1.1.65150"
}
]
}
}
]
},
"vendor_name": "360 Security Technology, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.360.cn/News/news/id/218.html",
"refsource": "CONFIRM",
"url": "https://security.360.cn/News/news/id/218.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"assignerShortName": "360ST",
"cveId": "CVE-2019-3404",
"datePublished": "2020-03-04T13:01:17.000Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:12:09.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}