Find a vulnerability
Search criteria
2 vulnerabilities found for wm3300 by coship
VAR-201905-0417
Vulnerability from variot - Updated: 2025-01-30 22:28An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password reset functionality of the Wireless SSID doesn't require any type of authentication. By making a POST request to the regx/wireless/wl_security_2G.asp URI, the attacker can change the password of the Wi-FI network. Shenzhen Coship WM3300 WiFi Router devices contain vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Coship Wireless Router is a wireless router produced by China Coship Electronics (Coship). There are security vulnerabilities in Coship Wireless Router versions 4.0.0.x and 5.0.0.x. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0417",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wm3300",
"scope": "eq",
"trust": 1.8,
"vendor": "coship",
"version": "5.0.0.55"
},
{
"model": "rt3052",
"scope": "eq",
"trust": 1.0,
"vendor": "coship",
"version": "4.0.0.48"
},
{
"model": "wm3300",
"scope": "eq",
"trust": 1.0,
"vendor": "coship",
"version": "5.0.0.54"
},
{
"model": "rt3050",
"scope": "eq",
"trust": 1.0,
"vendor": "coship",
"version": "4.0.0.40"
},
{
"model": "rt7620",
"scope": "eq",
"trust": 1.0,
"vendor": "coship",
"version": "10.0.0.49"
},
{
"model": "rt3050",
"scope": null,
"trust": 0.8,
"vendor": "coship",
"version": null
},
{
"model": "rt3052",
"scope": null,
"trust": 0.8,
"vendor": "coship",
"version": null
},
{
"model": "rt7620",
"scope": null,
"trust": 0.8,
"vendor": "coship",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:coship:rt3050_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:coship:rt3052_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:coship:rt7620_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:coship:wm3300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
}
]
},
"cve": "CVE-2019-7564",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-7564",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-158999",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-7564",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-7564",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-7564",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-574",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-158999",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-7564",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158999"
},
{
"db": "VULMON",
"id": "CVE-2019-7564"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-574"
},
{
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password reset functionality of the Wireless SSID doesn\u0027t require any type of authentication. By making a POST request to the regx/wireless/wl_security_2G.asp URI, the attacker can change the password of the Wi-FI network. Shenzhen Coship WM3300 WiFi Router devices contain vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Coship Wireless Router is a wireless router produced by China Coship Electronics (Coship). There are security vulnerabilities in Coship Wireless Router versions 4.0.0.x and 5.0.0.x. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-7564"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "VULHUB",
"id": "VHN-158999"
},
{
"db": "VULMON",
"id": "CVE-2019-7564"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-7564",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "151595",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201902-574",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-158999",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-7564",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-158999"
},
{
"db": "VULMON",
"id": "CVE-2019-7564"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-574"
},
{
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"id": "VAR-201905-0417",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-158999"
}
],
"trust": 0.7625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T22:28:44.374000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://en.coship.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158999"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://packetstormsecurity.com/files/151595/coship-wireless-router-4.0.0.x-5.0.0.x-authentication-bypass.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-7564"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-7564"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-158999"
},
{
"db": "VULMON",
"id": "CVE-2019-7564"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-574"
},
{
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-158999"
},
{
"db": "VULMON",
"id": "CVE-2019-7564"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-574"
},
{
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-07T00:00:00",
"db": "VULHUB",
"id": "VHN-158999"
},
{
"date": "2019-05-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-7564"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"date": "2019-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-574"
},
{
"date": "2019-05-07T19:29:01.753000",
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-158999"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-7564"
},
{
"date": "2019-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004414"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-574"
},
{
"date": "2024-11-21T04:48:19.810000",
"db": "NVD",
"id": "CVE-2019-7564"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-574"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen Coship WM3300 WiFi Vulnerabilities related to certificate and password management in router devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004414"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-574"
}
],
"trust": 0.6
}
}
VAR-201903-0427
Vulnerability from variot - Updated: 2024-11-23 22:48An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn't have backend validation for the current password and doesn't require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router. plural Shenzhen Coship Vulnerabilities related to certificate and password management exist in device products.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Coship Wireless Router is a wireless router produced by China Coship Electronics Company. A security vulnerability exists in the Coship Wireless Router. An attacker could use this vulnerability to reset the administrator password. The following versions are affected: Coship Wireless Router Version 4.0.0.48, Version 4.0.0.40, Version 5.0.0.54, Version 5.0.0.55, Version 10.0.0.49
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0427",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt3050",
"scope": "eq",
"trust": 1.8,
"vendor": "coship",
"version": "4.0.0.40"
},
{
"model": "rt3052",
"scope": "eq",
"trust": 1.8,
"vendor": "coship",
"version": "4.0.0.48"
},
{
"model": "rt7620",
"scope": "eq",
"trust": 1.8,
"vendor": "coship",
"version": "10.0.0.49"
},
{
"model": "wm3300",
"scope": "eq",
"trust": 1.8,
"vendor": "coship",
"version": "5.0.0.54"
},
{
"model": "wm3300",
"scope": "eq",
"trust": 1.8,
"vendor": "coship",
"version": "5.0.0.55"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:coship:rt3050_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:coship:rt3052_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:coship:rt7620_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:coship:wm3300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
}
]
},
"cve": "CVE-2019-6441",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-6441",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-157876",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6441",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6441",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-6441",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-726",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-157876",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-6441",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-157876"
},
{
"db": "VULMON",
"id": "CVE-2019-6441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-726"
},
{
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn\u0027t have backend validation for the current password and doesn\u0027t require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router. plural Shenzhen Coship Vulnerabilities related to certificate and password management exist in device products.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Coship Wireless Router is a wireless router produced by China Coship Electronics Company. A security vulnerability exists in the Coship Wireless Router. An attacker could use this vulnerability to reset the administrator password. The following versions are affected: Coship Wireless Router Version 4.0.0.48, Version 4.0.0.40, Version 5.0.0.54, Version 5.0.0.55, Version 10.0.0.49",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "VULHUB",
"id": "VHN-157876"
},
{
"db": "VULMON",
"id": "CVE-2019-6441"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=46180",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-6441"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6441",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "151202",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "46180",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-726",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-157876",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-6441",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-157876"
},
{
"db": "VULMON",
"id": "CVE-2019-6441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-726"
},
{
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"id": "VAR-201903-0427",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-157876"
}
],
"trust": 0.6625
},
"last_update_date": "2024-11-23T22:48:25.681000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://en.coship.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-157876"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.4,
"url": "https://packetstormsecurity.com/files/151202/coship-wireless-router-unauthenticated-admin-password-reset.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/46180"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46180/"
},
{
"trust": 1.8,
"url": "https://www.anquanke.com/vul/id/1451446"
},
{
"trust": 1.7,
"url": "https://vulmon.com/exploitdetails?qidtp=edb\u0026qid=46180"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6441"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6441"
},
{
"trust": 0.1,
"url": "https://vulmon.com/exploitdetails?qidtp=edb\u0026amp;qid=46180"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-157876"
},
{
"db": "VULMON",
"id": "CVE-2019-6441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-726"
},
{
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-157876"
},
{
"db": "VULMON",
"id": "CVE-2019-6441"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-726"
},
{
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-157876"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6441"
},
{
"date": "2019-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"date": "2019-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-726"
},
{
"date": "2019-03-21T16:01:08.140000",
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-157876"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6441"
},
{
"date": "2019-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003066"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-726"
},
{
"date": "2024-11-21T04:46:27.377000",
"db": "NVD",
"id": "CVE-2019-6441"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-726"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Shenzhen Coship Vulnerabilities related to certificate and password management in device products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003066"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-726"
}
],
"trust": 0.6
}
}