Find a vulnerability
Search criteria
2 vulnerabilities found for sbg901 by motorola
VAR-201406-0395
Vulnerability from variot - Updated: 2025-04-12 23:13Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote attackers to hijack the authentication of administrators for requests that (1) change the dns service via the DdnsService parameter, (2) change the username via the DdnsUserName parameter, (3) change the password via the DdnsPassword parameter, or (4) change the host name via the DdnsHostName parameter. The Motorola SBG901 modem is a router device. The Motorola SBG901 modem has a cross-site request forgery vulnerability that allows remote attackers to build malicious URIs, entice users to resolve, and perform malicious operations in the target user context. An attacker can exploit this issue to perform certain unauthorized actions. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "arris sbg901",
"scope": "eq",
"trust": 1.0,
"vendor": "commscope",
"version": null
},
{
"model": "sbg901 surfboard wireless cable modem",
"scope": null,
"trust": 0.8,
"vendor": "arris group",
"version": null
},
{
"model": "sbg901 modem",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "sbg901",
"scope": "eq",
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "sbg901",
"scope": "eq",
"trust": 0.3,
"vendor": "motorola",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "BID",
"id": "68103"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:arris:sbg901",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Blessen Thomas",
"sources": [
{
"db": "BID",
"id": "68103"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3778",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-3778",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-03873",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3778",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3778",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-03873",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-442",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote attackers to hijack the authentication of administrators for requests that (1) change the dns service via the DdnsService parameter, (2) change the username via the DdnsUserName parameter, (3) change the password via the DdnsPassword parameter, or (4) change the host name via the DdnsHostName parameter. The Motorola SBG901 modem is a router device. The Motorola SBG901 modem has a cross-site request forgery vulnerability that allows remote attackers to build malicious URIs, entice users to resolve, and perform malicious operations in the target user context. \nAn attacker can exploit this issue to perform certain unauthorized actions. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3778"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "BID",
"id": "68103"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3778",
"trust": 3.3
},
{
"db": "EXPLOIT-DB",
"id": "33792",
"trust": 3.0
},
{
"db": "BID",
"id": "68103",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001",
"trust": 0.8
},
{
"db": "EXPLOITDB",
"id": "33792",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2014-03873",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-442",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "BID",
"id": "68103"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"id": "VAR-201406-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
}
],
"trust": 1.1833333000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
}
]
},
"last_update_date": "2025-04-12T23:13:20.866000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Modems and Gateways",
"trust": 0.8,
"url": "http://www.arrisi.com/modems/"
},
{
"title": "Patch for Motorola SBG901 Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/46738"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.exploit-db.com/exploits/33792"
},
{
"trust": 1.4,
"url": "http://www.exploit-db.com/exploits/33792/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3778"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3778"
},
{
"trust": 0.3,
"url": "http://www.arrisi.com/modems/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "BID",
"id": "68103"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"db": "BID",
"id": "68103"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"date": "2014-06-18T00:00:00",
"db": "BID",
"id": "68103"
},
{
"date": "2014-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"date": "2014-06-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"date": "2014-06-19T14:55:07.253000",
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03873"
},
{
"date": "2014-06-18T00:00:00",
"db": "BID",
"id": "68103"
},
{
"date": "2014-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003001"
},
{
"date": "2021-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-442"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3778"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ARRIS SBG901 SURFboard Wireless Cable Modem of goform/RgDdns Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003001"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-442"
}
],
"trust": 0.6
}
}
VAR-201812-0710
Vulnerability from variot - Updated: 2024-11-23 22:51Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. Motorola SBG901 , SBG941 , SVG1202 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Motorola products are prone to an information-disclosure vulnerability. Attackers can exploit this issue to view sensitive information. Information obtained may lead to further attacks. The following versions of product are vulnerable: Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH Motorola SBG941 SBG941-2.11.0.0-GA-07-624-NOSH Motorola SVG1202 SVG1202-2.1.0.0-GA-14-LTSH. Security vulnerability exists in Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH version, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH version, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0710",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "svg1202",
"scope": "eq",
"trust": 1.6,
"vendor": "motorola",
"version": "svg1202-2.1.0.0-ga-14-ltsh"
},
{
"model": "sbg901",
"scope": "eq",
"trust": 1.6,
"vendor": "motorola",
"version": "sbg901-2.10.1.1-ga-00-581-nosh"
},
{
"model": "sbg941",
"scope": "eq",
"trust": 1.6,
"vendor": "motorola",
"version": "sbg941-2.11.0.0-ga-07-624-nosh"
},
{
"model": "sbg901",
"scope": "eq",
"trust": 0.8,
"vendor": "motorola",
"version": "2.10.1.1-ga-00-581-nosh"
},
{
"model": "sbg941",
"scope": "eq",
"trust": 0.8,
"vendor": "motorola",
"version": "2.11.0.0-ga-07-624-nosh"
},
{
"model": "svg1202",
"scope": "eq",
"trust": 0.8,
"vendor": "motorola",
"version": "2.1.0.0-ga-14-ltsh"
},
{
"model": "svg1202 svg1202-2.1.0.0-ga-1",
"scope": null,
"trust": 0.3,
"vendor": "motorola",
"version": null
},
{
"model": "sbg941 sbg941-2.11.0.0-ga-0",
"scope": null,
"trust": 0.3,
"vendor": "motorola",
"version": null
},
{
"model": "sbg901 sbg901-2.10.1.1-ga-0",
"scope": null,
"trust": 0.3,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "106320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:motorola:sbg901_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:motorola:sbg941_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:motorola:svg1202_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "@Capitan_alfa",
"sources": [
{
"db": "BID",
"id": "106320"
}
],
"trust": 0.3
},
"cve": "CVE-2018-20399",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-20399",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-131201",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-20399",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-20399",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-20399",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-1057",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-131201",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131201"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. Motorola SBG901 , SBG941 , SVG1202 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Motorola products are prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to view sensitive information. Information obtained may lead to further attacks. \nThe following versions of product are vulnerable:\nMotorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH\nMotorola SBG941 SBG941-2.11.0.0-GA-07-624-NOSH\nMotorola SVG1202 SVG1202-2.1.0.0-GA-14-LTSH. Security vulnerability exists in Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH version, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH version, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH version ",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-20399"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "BID",
"id": "106320"
},
{
"db": "VULHUB",
"id": "VHN-131201"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-20399",
"trust": 2.8
},
{
"db": "BID",
"id": "106320",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1057",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-131201",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131201"
},
{
"db": "BID",
"id": "106320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"id": "VAR-201812-0710",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-131201"
}
],
"trust": 0.6833333
},
"last_update_date": "2024-11-23T22:51:53.649000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131201"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://github.com/ezelf/sensitivesoids/blob/master/oidpassswordleaks.csv"
},
{
"trust": 2.0,
"url": "https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106320"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20399"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20399"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131201"
},
{
"db": "BID",
"id": "106320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-131201"
},
{
"db": "BID",
"id": "106320"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-23T00:00:00",
"db": "VULHUB",
"id": "VHN-131201"
},
{
"date": "2018-12-23T00:00:00",
"db": "BID",
"id": "106320"
},
{
"date": "2019-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"date": "2018-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"date": "2018-12-23T21:29:01.467000",
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-131201"
},
{
"date": "2018-12-23T00:00:00",
"db": "BID",
"id": "106320"
},
{
"date": "2019-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013533"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-1057"
},
{
"date": "2024-11-21T04:01:24.613000",
"db": "NVD",
"id": "CVE-2018-20399"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Motorola Vulnerabilities related to certificate and password management in device products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013533"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-1057"
}
],
"trust": 0.6
}
}