3 vulnerabilities found for unibox by indionetworks
VAR-201903-0009
Vulnerability from variot - Updated: 2024-11-23 21:52
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using hard-coded credentials. The Wifi-soft UniBox controller contains a vulnerability related to unrestricted upload of files with dangerous types. Information may be obtained or altered, and service operation may be disrupted (DoS). Wifi-soft's UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft's UniboxControllers. An attacker can exploit the vulnerability to inject arbitrary code. Currently there is no information about this vulnerability; please keep an eye on CNNVD or vendor announcements. Note that the scores on this page differ: the researcher's advisory below rates the issue 9.8 with PR:N, while the NVD vector in the record is 8.8 with PR:L; because the credentials are hard-coded, the login requirement should not be counted on as a mitigation.
Name: Remote Code Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Code Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3495
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3497
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 3.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3496
I have posted all the technical details, POCs and root-cause analysis here: https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/
Best Regards,
*Sahil Dhar * Information Security Consultant +91 9821544985
http://goog_555023787 [image: https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/] https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unibox",
"scope": "eq",
"trust": 1.0,
"vendor": "indionetworks",
"version": null
},
{
"model": "unibox",
"scope": "eq",
"trust": 0.8,
"vendor": "wifi soft",
"version": "0.x to 2.x"
},
{
"model": "unibox controller",
"scope": "gte",
"trust": 0.6,
"vendor": "wifi soft",
"version": "0.*,\u003c=2.*"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wifi-soft:unibox_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sahil Dhar",
"sources": [
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 0.1
},
"cve": "CVE-2019-3495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-3495",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-00769",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-154930",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-3495",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-3495",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-3495",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-3495",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-00769",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-759",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-154930",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wifi-soft\u0027s UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft\u0027s UniboxControllers. An attacker can exploit a vulnerability to inject arbitrary code. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. \n\nName: Remote Code Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Code Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3495\n\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3497\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 3.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS 
Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3496\n\nI have posted all the technical details, POCs and root-cause analysis here:\nhttps://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\n\n\nBest Regards,\n\n*Sahil Dhar *\nInformation Security Consultant\n+91 9821544985\n\n\u003chttp://goog_555023787\u003e\n[image:\nhttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]\n\u003chttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-3495",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "151077",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-00769",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-154930",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"id": "VAR-201903-0009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
}
]
},
"last_update_date": "2024-11-23T21:52:29.114000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "UniBox - Access Controllers",
"trust": 0.8,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.9
},
{
"problemtype": "CWE-798",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sahildhar.github.io/blogpost/multiple-rce-vulnerabilties-in-unibox-controller-0.x-3.x/"
},
{
"trust": 2.3,
"url": "http://seclists.org/fulldisclosure/2019/jan/23"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/151077/wifi-soft-unibox-2.x-remote-command-code-injection.html"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3495"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3495"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3497"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3496"
},
{
"trust": 0.1,
"url": "http://goog_555023787\u003e"
},
{
"trust": 0.1,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-154930"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"date": "2019-01-09T09:22:22",
"db": "PACKETSTORM",
"id": "151077"
},
{
"date": "2019-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-759"
},
{
"date": "2019-03-21T16:01:04.187000",
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"date": "2019-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-154930"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"date": "2021-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-759"
},
{
"date": "2024-11-21T04:42:08.290000",
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wifi-soft UniBox controller Device unrestricted upload vulnerability type file vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
],
"trust": 0.6
}
}
VAR-201903-0011
Vulnerability from variot - Updated: 2024-11-23 21:52
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping Ping feature of the Diagnostic Tools component is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using hard-coded credentials. The Wifi-soft UniBox controller contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The vulnerability arises because the network system or product does not correctly filter special elements when constructing executable commands from external input data. Attackers can exploit this vulnerability to execute illegal commands. Note that the scores on this page differ: the researcher's advisory below rates the issue 9.8 with PR:N, while the NVD vector in the record is 8.8 with PR:L; because the credentials are hard-coded, the login requirement should not be counted on as a mitigation.
Hello all,
I would like to inform you about the Remote Command & Code Injection vulnerabilities found in Wifi-soft's Unibox Controllers.
Name: Remote Code Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Code Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3495
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3497
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 3.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3496
I have posted all the technical details, POCs and root-cause analysis here: https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/
Best Regards,
*Sahil Dhar * Information Security Consultant +91 9821544985
http://goog_555023787 [image: https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/] https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unibox",
"scope": "eq",
"trust": 1.0,
"vendor": "indionetworks",
"version": null
},
{
"model": "unibox",
"scope": "eq",
"trust": 0.8,
"vendor": "wifi soft",
"version": "0.x to 2.x"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wifi-soft:unibox_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sahil Dhar",
"sources": [
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 0.1
},
"cve": "CVE-2019-3497",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-3497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-154932",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-3497",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-3497",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-3497",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-3497",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-761",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-154932",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154932"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-761"
},
{
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping Ping feature of the Diagnostic Tools component is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The vulnerability comes from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data. Attackers can exploit this vulnerability to execute illegal commands. Hello all,\n\nI would like to inform you about the Remote Command \u0026 Code Injection\nvulnerabilities found in Wifi-soft\u0027s Unibox Controllers. 
\n\nName: Remote Code Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Code Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3495\n\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3497\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 3.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3496\n\nI have posted all the technical details, POCs and root-cause analysis here:\nhttps://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\n\n\nBest Regards,\n\n*Sahil Dhar *\nInformation Security Consultant\n+91 9821544985\n\n\u003chttp://goog_555023787\u003e\n[image:\nhttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]\n\u003chttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3497"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "VULHUB",
"id": "VHN-154932"
},
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-3497",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "151077",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-761",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-154932",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154932"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-761"
},
{
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"id": "VAR-201903-0011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-154932"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:52:29.084000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "UniBox - Access Controllers",
"trust": 0.8,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154932"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sahildhar.github.io/blogpost/multiple-rce-vulnerabilties-in-unibox-controller-0.x-3.x/"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/151077/wifi-soft-unibox-2.x-remote-command-code-injection.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2019/jan/23"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3497"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3497"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3495"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3496"
},
{
"trust": 0.1,
"url": "http://goog_555023787\u003e"
},
{
"trust": 0.1,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154932"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-761"
},
{
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-154932"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-761"
},
{
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-154932"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"date": "2019-01-09T09:22:22",
"db": "PACKETSTORM",
"id": "151077"
},
{
"date": "2019-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-761"
},
{
"date": "2019-03-21T16:01:04.280000",
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-154932"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002854"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-761"
},
{
"date": "2024-11-21T04:42:08.590000",
"db": "NVD",
"id": "CVE-2019-3497"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-761"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wifi-soft UniBox controller Command injection vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002854"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-761"
}
],
"trust": 0.6
}
}
VAR-201903-0010
Vulnerability from variot - Updated: 2024-11-23 21:52
An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using hard-coded credentials. Wifi-soft UniBox controller devices contain a command injection vulnerability. As a result, information may be obtained or altered, and service operation may be disrupted (DoS). Wifi-soft's Unibox Controller is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft's Unibox Controllers. An attacker can exploit this vulnerability to inject arbitrary code. The vulnerability arises because the network system or product does not correctly filter special elements when constructing executable commands from external input data.
Name: Remote Code Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Code Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3495
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3497
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 3.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3496
I have posted all the technical details, POCs and root-cause analysis here: https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/
Best Regards,
*Sahil Dhar * Information Security Consultant +91 9821544985
http://goog_555023787 [image: https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/] https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unibox",
"scope": "eq",
"trust": 1.0,
"vendor": "indionetworks",
"version": null
},
{
"model": "unibox",
"scope": "eq",
"trust": 0.8,
"vendor": "wifi soft",
"version": "3.x"
},
{
"model": "unibox controller",
"scope": "gte",
"trust": 0.6,
"vendor": "wifi soft",
"version": "0.*,\u003c=2.*"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wifi-soft:unibox_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sahil Dhar",
"sources": [
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 0.1
},
"cve": "CVE-2019-3496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-3496",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-00771",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-154931",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-3496",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-3496",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-3496",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-3496",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-00771",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-760",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-154931",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "VULHUB",
"id": "VHN-154931"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-760"
},
{
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wifi-soft\u0027s UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft\u0027s UniboxControllers. An attacker can exploit a vulnerability to inject arbitrary code. The vulnerability comes from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data. 
\n\nName: Remote Code Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Code Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3495\n\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3497\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 3.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3496\n\nI have posted all the technical details, POCs and root-cause analysis here:\nhttps://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\n\n\nBest Regards,\n\n*Sahil Dhar *\nInformation Security Consultant\n+91 9821544985\n\n\u003chttp://goog_555023787\u003e\n[image:\nhttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]\n\u003chttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "VULHUB",
"id": "VHN-154931"
},
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-3496",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "151077",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-760",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-00771",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-154931",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "VULHUB",
"id": "VHN-154931"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-760"
},
{
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"id": "VAR-201903-0010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "VULHUB",
"id": "VHN-154931"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
}
]
},
"last_update_date": "2024-11-23T21:52:28.661000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "UniBox - Access Controllers",
"trust": 0.8,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154931"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sahildhar.github.io/blogpost/multiple-rce-vulnerabilties-in-unibox-controller-0.x-3.x/"
},
{
"trust": 2.3,
"url": "http://seclists.org/fulldisclosure/2019/jan/23"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/151077/wifi-soft-unibox-2.x-remote-command-code-injection.html"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3496"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3496"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3497"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3495"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]"
},
{
"trust": 0.1,
"url": "http://goog_555023787\u003e"
},
{
"trust": 0.1,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "VULHUB",
"id": "VHN-154931"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-760"
},
{
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"db": "VULHUB",
"id": "VHN-154931"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-760"
},
{
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-154931"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"date": "2019-01-09T09:22:22",
"db": "PACKETSTORM",
"id": "151077"
},
{
"date": "2019-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-760"
},
{
"date": "2019-03-21T16:01:04.233000",
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00771"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-154931"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002853"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-760"
},
{
"date": "2024-11-21T04:42:08.440000",
"db": "NVD",
"id": "CVE-2019-3496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-760"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wifi-soft UniBox controller Command injection vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002853"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-760"
}
],
"trust": 0.6
}
}