Search
Find a vulnerability
Search criteria
11 vulnerabilities by Xiongmai
CVE-2026-34005 (GCVE-0-2026-34005)
Vulnerability from nvd – Published: 2026-03-29 17:02 – Updated: 2026-03-30 14:19
VLAI
Summary
In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler, because system() is used.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Xiongmai | DVR/NVR devices |
Affected:
4.03.R11
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T14:19:13.856503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T14:19:23.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Sofia binary - hostname configuration handler"
],
"product": "DVR/NVR devices",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.03.R11",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler, because system() is used."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-29T17:09:28.999Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.xiongmaitech.com"
},
{
"url": "https://uky007.github.io/CVE-2026-34005/"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-34005",
"datePublished": "2026-03-29T17:02:15.445Z",
"dateReserved": "2026-03-25T05:22:12.479Z",
"dateUpdated": "2026-03-30T14:19:23.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3765 (GCVE-0-2024-3765)
Vulnerability from nvd – Published: 2024-04-14 23:00 – Updated: 2024-08-08 20:19
VLAI
Title
Xiongmai AHB7804R-MH-V2 Sofia Service access control
Summary
A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
9.8 (Critical)
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Controls
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.260605 | vdb-entrytechnical-descriptionmitigation |
| https://vuldb.com/?ctiid.260605 | signaturepermissions-required |
| https://vuldb.com/?submit.311903 | third-party-advisory |
| https://github.com/netsecfish/xiongmai_incorrect_… | related |
| https://github.com/netsecfish/xiongmai_incorrect_… | exploit |
Impacted products
56 products
| Vendor | Product | Version | |
|---|---|---|---|
| Xiongmai | AHB7804R-MH-V2 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8004T-GL |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8008T-GL |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB7004T-GS-V3 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB7004T-MHV2 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8032F-LME |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | XM530_R80X30-PQ_8M |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| xiongmaitech | ahb7804r-mh-v2_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
Affected: 4.02.r11.a8531149.10001.131900.00000 Affected: 4.02.r11.c6380171.11201.141900.00000 Affected: 4.03.r11.0000020x.11201.042300.0000005 Affected: 4.03.r11.4912720b.11201.142300.0000004 Affected: 4.03.r11.4912720d.11201.142300.0000004 Affected: 4.03.r11.4915714a.12201.142300.0000000 Affected: 5.00.r02.00030751.10010.348717.0000000 cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:20:01.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-260605 | Xiongmai AHB7804R-MH-V2 Sofia Service access control",
"tags": [
"vdb-entry",
"technical-description",
"mitigation",
"x_transferred"
],
"url": "https://vuldb.com/?id.260605"
},
{
"name": "VDB-260605 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.260605"
},
{
"name": "Submit #311903 | Xiongmai AHB7804R-MH-V2, AHB8008T-GL, AHB8004T-GL, XM530_R80X30-PQ_8M, AHB7004T-GS-V3, AHB8032F-LME, AHB7004T-MHV2 V4.03.R11.4915714A.12201.142300.0000000, V4.02.R11.A8531149.10001.131900.00000, V4.03.R11.4912720B.11201.142300.0000004, V4.03.R Incorrect A",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.311903"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7804r-mh-v2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3765",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T13:40:05.259780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T20:19:23.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Sofia Service"
],
"product": "AHB7804R-MH-V2",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8004T-GL",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8008T-GL",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB7004T-GS-V3",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB7004T-MHV2",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8032F-LME",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "XM530_R80X30-PQ_8M",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "netsecfish (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht n\u00e4her bekannte Funktion der Komponente Sofia Service. Durch Manipulation mit der Eingabe ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-14T23:00:05.199Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-260605 | Xiongmai AHB7804R-MH-V2 Sofia Service access control",
"tags": [
"vdb-entry",
"technical-description",
"mitigation"
],
"url": "https://vuldb.com/?id.260605"
},
{
"name": "VDB-260605 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.260605"
},
{
"name": "Submit #311903 | Xiongmai AHB7804R-MH-V2, AHB8008T-GL, AHB8004T-GL, XM530_R80X30-PQ_8M, AHB7004T-GS-V3, AHB8032F-LME, AHB7004T-MHV2 V4.03.R11.4915714A.12201.142300.0000000, V4.02.R11.A8531149.10001.131900.00000, V4.03.R11.4912720B.11201.142300.0000004, V4.03.R Incorrect A",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.311903"
},
{
"tags": [
"related"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-14T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-14T10:50:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "Xiongmai AHB7804R-MH-V2 Sofia Service access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3765",
"datePublished": "2024-04-14T23:00:05.199Z",
"dateReserved": "2024-04-14T08:43:42.949Z",
"dateUpdated": "2024-08-08T20:19:23.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-34005 (GCVE-0-2026-34005)
Vulnerability from cvelistv5 – Published: 2026-03-29 17:02 – Updated: 2026-03-30 14:19
VLAI
Summary
In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler, because system() is used.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Xiongmai | DVR/NVR devices |
Affected:
4.03.R11
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T14:19:13.856503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T14:19:23.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Sofia binary - hostname configuration handler"
],
"product": "DVR/NVR devices",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.03.R11",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler, because system() is used."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-29T17:09:28.999Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.xiongmaitech.com"
},
{
"url": "https://uky007.github.io/CVE-2026-34005/"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-34005",
"datePublished": "2026-03-29T17:02:15.445Z",
"dateReserved": "2026-03-25T05:22:12.479Z",
"dateUpdated": "2026-03-30T14:19:23.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3765 (GCVE-0-2024-3765)
Vulnerability from cvelistv5 – Published: 2024-04-14 23:00 – Updated: 2024-08-08 20:19
VLAI
Title
Xiongmai AHB7804R-MH-V2 Sofia Service access control
Summary
A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
9.8 (Critical)
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Controls
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.260605 | vdb-entrytechnical-descriptionmitigation |
| https://vuldb.com/?ctiid.260605 | signaturepermissions-required |
| https://vuldb.com/?submit.311903 | third-party-advisory |
| https://github.com/netsecfish/xiongmai_incorrect_… | related |
| https://github.com/netsecfish/xiongmai_incorrect_… | exploit |
Impacted products
56 products
| Vendor | Product | Version | |
|---|---|---|---|
| Xiongmai | AHB7804R-MH-V2 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8004T-GL |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8008T-GL |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB7004T-GS-V3 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB7004T-MHV2 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8032F-LME |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | XM530_R80X30-PQ_8M |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| xiongmaitech | ahb7804r-mh-v2_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
Affected: 4.02.r11.a8531149.10001.131900.00000 Affected: 4.02.r11.c6380171.11201.141900.00000 Affected: 4.03.r11.0000020x.11201.042300.0000005 Affected: 4.03.r11.4912720b.11201.142300.0000004 Affected: 4.03.r11.4912720d.11201.142300.0000004 Affected: 4.03.r11.4915714a.12201.142300.0000000 Affected: 5.00.r02.00030751.10010.348717.0000000 cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:20:01.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-260605 | Xiongmai AHB7804R-MH-V2 Sofia Service access control",
"tags": [
"vdb-entry",
"technical-description",
"mitigation",
"x_transferred"
],
"url": "https://vuldb.com/?id.260605"
},
{
"name": "VDB-260605 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.260605"
},
{
"name": "Submit #311903 | Xiongmai AHB7804R-MH-V2, AHB8008T-GL, AHB8004T-GL, XM530_R80X30-PQ_8M, AHB7004T-GS-V3, AHB8032F-LME, AHB7004T-MHV2 V4.03.R11.4915714A.12201.142300.0000000, V4.02.R11.A8531149.10001.131900.00000, V4.03.R11.4912720B.11201.142300.0000004, V4.03.R Incorrect A",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.311903"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7804r-mh-v2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3765",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T13:40:05.259780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T20:19:23.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Sofia Service"
],
"product": "AHB7804R-MH-V2",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8004T-GL",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8008T-GL",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB7004T-GS-V3",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB7004T-MHV2",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8032F-LME",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "XM530_R80X30-PQ_8M",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "netsecfish (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht n\u00e4her bekannte Funktion der Komponente Sofia Service. Durch Manipulation mit der Eingabe ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-14T23:00:05.199Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-260605 | Xiongmai AHB7804R-MH-V2 Sofia Service access control",
"tags": [
"vdb-entry",
"technical-description",
"mitigation"
],
"url": "https://vuldb.com/?id.260605"
},
{
"name": "VDB-260605 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.260605"
},
{
"name": "Submit #311903 | Xiongmai AHB7804R-MH-V2, AHB8008T-GL, AHB8004T-GL, XM530_R80X30-PQ_8M, AHB7004T-GS-V3, AHB8032F-LME, AHB7004T-MHV2 V4.03.R11.4915714A.12201.142300.0000000, V4.02.R11.A8531149.10001.131900.00000, V4.03.R11.4912720B.11201.142300.0000004, V4.03.R Incorrect A",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.311903"
},
{
"tags": [
"related"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-14T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-14T10:50:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "Xiongmai AHB7804R-MH-V2 Sofia Service access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3765",
"datePublished": "2024-04-14T23:00:05.199Z",
"dateReserved": "2024-04-14T08:43:42.949Z",
"dateUpdated": "2024-08-08T20:19:23.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201704-1424
Vulnerability from variot - Updated: 2025-04-20 23:43XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. XiongMaiuc-httpd is an HTTP protection program used by cameras from cameras such as XiongMai. A directory traversal vulnerability exists in XiongMaiuc-httpd
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1424",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "uc-httpd",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "uc-httpd",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "xiongmaitech",
"scope": null,
"trust": 0.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "uc-httpd",
"scope": "eq",
"trust": 0.6,
"vendor": "xiongmai",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:xiongmai_technologies:uc-httpd",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
}
]
},
"cve": "CVE-2017-7577",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7577",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-32133",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7577",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7577",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-7577",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-32133",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-446",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a \"GET ../\" HTTP request. XiongMaiuc-httpd is an HTTP protection program used by cameras from cameras such as XiongMai. A directory traversal vulnerability exists in XiongMaiuc-httpd",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7577"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "CNVD",
"id": "CNVD-2017-32133"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7577",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-32133",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-446",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"id": "VAR-201704-1424",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
}
]
},
"last_update_date": "2025-04-20T23:43:05.229000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.xiongmaitech.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://zeroday.insecurity.zone/exploits/uc-httpd_lfi.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7577"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7577"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"date": "2017-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"date": "2017-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"date": "2017-04-07T04:59:00.190000",
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-32133"
},
{
"date": "2017-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002986"
},
{
"date": "2017-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-446"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7577"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XiongMai uc-httpd Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002986"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-446"
}
],
"trust": 0.6
}
}
VAR-201712-0119
Vulnerability from variot - Updated: 2025-04-20 23:25A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible. Xiongmai Technology IP Camera and DVR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Xiongmai IPCameraModule and DVR are products of XiongMai. XiongmaiIPCameraModule is an IP camera module product. The DVR is a hard disk recorder. Xiongmai IP Camera Module and DVR are prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0119",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipg-50hv20psb-s",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h20pa-s",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-hp500nr-s",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h20pa-a",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50hv20psa-s",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ivg-hp203y-se",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-80he20ps-s",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ivg-hp203y-ae",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50hv20psb-a",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pe-wk-4f",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016t-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.3070"
},
{
"model": "ahb7004t-gl-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-50h10pl-ae",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016t-lme-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008f8-g-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h20pl-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13p-ae",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pe-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h40af",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53hv13pa-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h40pl-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50h10pe-wrc",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016t-lm-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53x13pt-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pet-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pe-wk",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-54h13pe-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7804r-lms-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.nat.onvifc.20171019"
},
{
"model": "ahb7032f4-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipm-53hv13pe-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7004t-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.3070"
},
{
"model": "ahb7008f2-g-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7004t-g-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53x13pa-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008f2-h",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.3070"
},
{
"model": "ipg-50hv20pet-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h20pl-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50h10pe-wrm",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7004t-lme-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipm-53h13pe-wrc",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7808r-mh-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13pls-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-53v13pl-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50hv10pt-a",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53hv13pa-wp",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7032f2-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13p-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h20pl-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h20py-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7004t-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53x13pe-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016t-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7808r-ms-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.nat.onvifc.20170327"
},
{
"model": "ahb7804r-ms-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.nat.onvifc.20170327"
},
{
"model": "ahb7016t-mh-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7016t4-mh-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-50hv20pes-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016f8-gl-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008t-mh-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-80h20pt-a",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50hv10pt-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pl-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t4-h-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7804r-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.nat.onvifc.20171120"
},
{
"model": "ahb7008t-lm-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13pes-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50hv10pt-wp",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h20pl-ae",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50hv20pe-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h50p-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pl-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016f2-gl-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-83h50p-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.3070"
},
{
"model": "ipg-52h10pl-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pl-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016t-mh-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008t-lme-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13pl-ae",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-54h20pl-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7032f4-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53hv13pa-a",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-80h20pt-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7016f8-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-50h10pl-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h10pe-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t-mh-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-50hv10pt-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h20pl-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pe-wp",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50hv10pv-a",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7032f2-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53hv13pt-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7032f8-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipm-50h10pe-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50h10pe-o\\",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008f8-h",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.3070"
},
{
"model": "ahb7004t-h-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008f4-h",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.3070"
},
{
"model": "ipg-50h10pl-r",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pe-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50x10pt-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7004t-mh-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7016t4-gs-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13p-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h40pl-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-52h10pl-p",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t-gl-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13pl-r",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t4-h-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "_firmware"
},
{
"model": "ipg-50hv20pet-a",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50x10pe-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pl-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pe-sl",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pe-wk",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-53h13pe-wrm",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50v10pl-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-83h20pl-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-53h13pe-wr",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h20pt-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pl-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7008t-h-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7032f4-lm-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7808r-lm-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.nat.onvifc.20171120"
},
{
"model": "ahb7016f4-gl-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7032f8-lm-v2",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008f4-g-v4",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ipg-53h13pe-wp",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50hv10pv-s",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13pes-sl",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-50h10pe-wk-2f",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipm-50v10pl-wrc",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ipg-53h13p-b",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "ahb7804r-mh-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7004t-mh-v3",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "4.02.r11.7601"
},
{
"model": "ahb7008f8-h",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "ipg-50h10pl-p",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "ipm-50hv10pt-wr",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "ivg-hp203y-ae",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "technology ip cameras and dvrs",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.4,
"vendor": "ahb7008t h v2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ipg 53hv13pt s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ipg 54h20pl s",
"version": null
},
{
"model": "xvi dvr board",
"scope": "eq",
"trust": 0.3,
"vendor": "xiongmai",
"version": "0"
},
{
"model": "ip camera module",
"scope": "eq",
"trust": 0.3,
"vendor": "xiongmai",
"version": "0"
},
{
"model": "ahd dvr board",
"scope": "eq",
"trust": 0.3,
"vendor": "xiongmai",
"version": "0"
},
{
"model": "4.02.r11.3070",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008f8 h",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t mh v2",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t4 h v2",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t4 h v2",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f8 lm v2",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f4 lm v2",
"version": null
},
{
"model": "4.02.r11.nat.onvifc.20170327",
"scope": null,
"trust": 0.2,
"vendor": "ahb7808r ms v3",
"version": null
},
{
"model": "4.02.r11.nat.onvifc.20170327",
"scope": null,
"trust": 0.2,
"vendor": "ahb7804r ms v3",
"version": null
},
{
"model": "4.02.r11.3070",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t lm v3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50h10pe wrm",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 53h13pe wrm",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h40af",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50v10pl wrc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50h10pe wrc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50x10pt s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50x10pe s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53x13pt s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53x13pa s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53x13pe s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 53h13pe wrc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 53hv13pe wr",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 53v13pl wr",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 53h13pe wr",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pe wk 2f",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h20pl p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h20pl b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53hv13pa a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53hv13pa s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50hv20pe wr",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv10pt a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv10pt s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv10pv a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv10pv s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 80h20pt a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 80h20pt s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h20pt s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h20py s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pe wk 4f",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h20pa a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h20pa s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv20psa s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv20psb a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv20psb s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ivg hp203y ae",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ivg hp203y se",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg hp500nr s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 80he20ps s",
"version": null
},
{
"model": "4.02.r11.3070",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008f4 h",
"version": null
},
{
"model": "4.02.r11.3070",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t lm v3",
"version": null
},
{
"model": "4.02.r11.3070",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t lm v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t4 gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t mh v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t mh v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t mh v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t gl v4",
"version": null
},
{
"model": "4.02.r11.3070",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008f2 h",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t gl v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t g v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016f8 gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016f8 gl v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016f4 gl v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016f2 gl v4",
"version": null
},
{
"model": "4.02.r11.nat.onvifc.20171120",
"scope": null,
"trust": 0.2,
"vendor": "ahb7808r lm v3",
"version": null
},
{
"model": "4.02.r11.nat.onvifc.20171120",
"scope": null,
"trust": 0.2,
"vendor": "ahb7804r lm v3",
"version": null
},
{
"model": "4.02.r11.nat.onvifc.20171019",
"scope": null,
"trust": 0.2,
"vendor": "ahb7804r lms v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008f8 g v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t mh v2",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008f4 g v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008f2 g v4",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f4 lm v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f2 lm v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f8 gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f4 gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7032f2 gs v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t lme v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t lme v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t lme v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t mh v2",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7808r mh v3",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7804r mh v3",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pl p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pl b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pl ae",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pl s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 52h10pl p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 52h10pl b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pet s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pls s",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7004t h v2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pes s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pes sl",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pl p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pl b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pl ae",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pl s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13p p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13p b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13p ae",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13p s",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t lm v2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h40pl b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h40pl p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h50p p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 83h50p b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h10pe s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pe sl",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pe s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50hv10pt wr",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50v10pl wr",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50h10pe wr",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7008t lm v2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 54h13pe s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pl r",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipm 50h10pe o r",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pl r",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pe wp",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv10pt wp",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53hv13pa wp",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pe wp",
"version": null
},
{
"model": "4.02.r11.7601",
"scope": null,
"trust": 0.2,
"vendor": "ahb7016t4 mh v2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h20pl p",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h20pl b",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h20pl ae",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h20pl s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv20pet a",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv20pet s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50hv20pes s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 50h10pe wk",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pe wk",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipg 53h13pe s",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "BID",
"id": "102125"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:ahb7008f8-h_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:ipg-50h10pl-p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:ipm-50hv10pt-wr_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:ivg-hp203y-ae_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clinton Mielke",
"sources": [
{
"db": "BID",
"id": "102125"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
}
],
"trust": 0.9
},
"cve": "CVE-2017-16725",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-16725",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-36865",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-107676",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-16725",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-16725",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-16725",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-36865",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-359",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-107676",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-16725",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "VULHUB",
"id": "VHN-107676"
},
{
"db": "VULMON",
"id": "CVE-2017-16725"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible. Xiongmai Technology IP Camera and DVR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Xiongmai IPCameraModule and DVR are products of XiongMai. XiongmaiIPCameraModule is an IP camera module product. The DVR is a hard disk recorder. Xiongmai IP Camera Module and DVR are prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16725"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "BID",
"id": "102125"
},
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-107676"
},
{
"db": "VULMON",
"id": "CVE-2017-16725"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-16725",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-341-01",
"trust": 3.5
},
{
"db": "BID",
"id": "102125",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-36865",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2DF8100-39AB-11E9-ACA3-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-107676",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-16725",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "VULHUB",
"id": "VHN-107676"
},
{
"db": "VULMON",
"id": "CVE-2017-16725"
},
{
"db": "BID",
"id": "102125"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"id": "VAR-201712-0119",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "VULHUB",
"id": "VHN-107676"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
}
]
},
"last_update_date": "2025-04-20T23:25:53.937000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.xiongmaitech.com/en/index.php"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-107676"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-341-01"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/102125"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16725"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16725"
},
{
"trust": 0.3,
"url": "http://www.xiongmaitech.com/en/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "VULHUB",
"id": "VHN-107676"
},
{
"db": "VULMON",
"id": "CVE-2017-16725"
},
{
"db": "BID",
"id": "102125"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"db": "VULHUB",
"id": "VHN-107676"
},
{
"db": "VULMON",
"id": "CVE-2017-16725"
},
{
"db": "BID",
"id": "102125"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"date": "2017-12-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"date": "2017-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-107676"
},
{
"date": "2017-12-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-16725"
},
{
"date": "2017-12-07T00:00:00",
"db": "BID",
"id": "102125"
},
{
"date": "2018-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"date": "2017-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"date": "2017-12-20T19:29:00.257000",
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-36865"
},
{
"date": "2018-01-12T00:00:00",
"db": "VULHUB",
"id": "VHN-107676"
},
{
"date": "2018-01-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-16725"
},
{
"date": "2017-12-19T22:01:00",
"db": "BID",
"id": "102125"
},
{
"date": "2018-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011817"
},
{
"date": "2017-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-359"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-16725"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xiongmai Technology IP Cameras and DVRs Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-36865"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "e2df8100-39ab-11e9-aca3-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-359"
}
],
"trust": 0.8
}
}
VAR-201810-0496
Vulnerability from variot - Updated: 2024-11-23 22:12All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps. focuses on security monitoring and video intelligence research and development. Multiple security weaknesses 2. Security bypass vulnerability Successfully exploiting these issues allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, bypass the authentication mechanism and gain unauthorized access. This may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0496",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xmeye p2p cloud server",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "*"
},
{
"model": "xmeye p2p cloud server",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "ip cameras",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai information",
"version": null
},
{
"model": "nvrs and dvrs incl. 3rd party oem devices",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai information",
"version": null
},
{
"model": "xmeye p2p cloud server",
"scope": null,
"trust": 0.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "xiongmai technology xmeye p2p cloud server",
"scope": "eq",
"trust": 0.3,
"vendor": "",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "xmeye p2p cloud server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:xmeye_p2p_cloud_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Viehb\u00f6ck on behalf of SEC Consult Vulnerability Lab",
"sources": [
{
"db": "BID",
"id": "105722"
}
],
"trust": 0.3
},
"cve": "CVE-2018-17917",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-17917",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20454",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2018-17917",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-17917",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-17917",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-20454",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-499",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps. focuses on security monitoring and video intelligence research and development. Multiple security weaknesses\n2. Security bypass vulnerability\nSuccessfully exploiting these issues allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, bypass the authentication mechanism and gain unauthorized access. This may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17917"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17917",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-282-06",
"trust": 2.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20454",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-499",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248",
"trust": 0.8
},
{
"db": "BID",
"id": "105722",
"trust": 0.3
},
{
"db": "IVD",
"id": "E2FCF412-39AB-11E9-A6E8-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"id": "VAR-201810-0496",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
}
]
},
"last_update_date": "2024-11-23T22:12:19.187000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.xiongmaitech.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
},
{
"problemtype": "CWE-341",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-282-06"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17917"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17917"
},
{
"trust": 0.6,
"url": "https://seclists.org/fulldisclosure/2018/oct/22"
},
{
"trust": 0.3,
"url": "https://www.xmeye.net/index"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "IVD",
"id": "e2fcf412-39ab-11e9-a6e8-000c29342cb1"
},
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105722"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"date": "2018-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"date": "2018-10-10T15:29:00.363000",
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20454"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105722"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011248"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-499"
},
{
"date": "2024-11-21T03:55:12.310000",
"db": "NVD",
"id": "CVE-2018-17917"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011248"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-499"
}
],
"trust": 0.6
}
}
VAR-201810-0495
Vulnerability from variot - Updated: 2024-11-23 22:12All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code. Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Hangzhou Xiongmai Information Technology Co., Ltd. focuses on security monitoring and video intelligence research and development. Multiple security weaknesses 2. Security bypass vulnerability Successfully exploiting these issues allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, bypass the authentication mechanism and gain unauthorized access. This may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0495",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xmeye p2p cloud server",
"scope": "eq",
"trust": 1.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "xmeye p2p cloud server",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "ip cameras",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai information",
"version": null
},
{
"model": "nvrs and dvrs incl. 3rd party oem devices",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai information",
"version": null
},
{
"model": "xiongmai technology xmeye p2p cloud server",
"scope": "eq",
"trust": 0.3,
"vendor": "",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "xmeye p2p cloud server",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:xmeye_p2p_cloud_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Viehb\u00f6ck on behalf of SEC Consult Vulnerability Lab",
"sources": [
{
"db": "BID",
"id": "105722"
}
],
"trust": 0.3
},
"cve": "CVE-2018-17915",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-17915",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-20453",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-17915",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-17915",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-17915",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-20453",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-498",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code. Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Hangzhou Xiongmai Information Technology Co., Ltd. focuses on security monitoring and video intelligence research and development. Multiple security weaknesses\n2. Security bypass vulnerability\nSuccessfully exploiting these issues allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, bypass the authentication mechanism and gain unauthorized access. This may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17915"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17915",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-282-06",
"trust": 2.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20453",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-498",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418",
"trust": 0.8
},
{
"db": "BID",
"id": "105722",
"trust": 0.3
},
{
"db": "IVD",
"id": "E2FCF411-39AB-11E9-B97B-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"id": "VAR-201810-0495",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
}
]
},
"last_update_date": "2024-11-23T22:12:19.152000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.xiongmaitech.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-311",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-282-06"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17915"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17915"
},
{
"trust": 0.6,
"url": "https://seclists.org/fulldisclosure/2018/oct/22"
},
{
"trust": 0.3,
"url": "https://www.xmeye.net/index"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "IVD",
"id": "e2fcf411-39ab-11e9-b97b-000c29342cb1"
},
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105722"
},
{
"date": "2019-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"date": "2018-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"date": "2018-10-10T15:29:00.253000",
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20453"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105722"
},
{
"date": "2019-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011418"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-498"
},
{
"date": "2024-11-21T03:55:12.040000",
"db": "NVD",
"id": "CVE-2018-17915"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011418"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-498"
}
],
"trust": 0.6
}
}
VAR-201810-0497
Vulnerability from variot - Updated: 2024-11-23 22:12All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams. Hangzhou Xiongmai Information Technology Co., Ltd. focuses on security monitoring and video intelligence research and development. Multiple security weaknesses 2. Security bypass vulnerability Successfully exploiting these issues allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, bypass the authentication mechanism and gain unauthorized access. This may aid in launching further attacks. XMeye P2P Cloud Server product is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0497",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xmeye p2p cloud server",
"scope": "eq",
"trust": 1.0,
"vendor": "xiongmaitech",
"version": "*"
},
{
"model": "xmeye p2p cloud server",
"scope": null,
"trust": 0.8,
"vendor": "xiongmai",
"version": null
},
{
"model": "ip cameras",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai information",
"version": null
},
{
"model": "nvrs and dvrs incl. 3rd party oem devices",
"scope": null,
"trust": 0.6,
"vendor": "xiongmai information",
"version": null
},
{
"model": "xmeye p2p cloud server",
"scope": null,
"trust": 0.6,
"vendor": "xiongmaitech",
"version": null
},
{
"model": "xiongmai technology xmeye p2p cloud server",
"scope": "eq",
"trust": 0.3,
"vendor": "",
"version": "0"
},
{
"model": "ip cameras",
"scope": "eq",
"trust": 0.2,
"vendor": "xiongmai information",
"version": "*"
},
{
"model": "nvrs and dvrs incl. 3rd party oem devices",
"scope": "eq",
"trust": 0.2,
"vendor": "xiongmai information",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:xiongmai_technologies:xmeye_p2p_cloud_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Viehb\u00f6ck on behalf of SEC Consult Vulnerability Lab",
"sources": [
{
"db": "BID",
"id": "105722"
}
],
"trust": 0.3
},
"cve": "CVE-2018-17919",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-17919",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20455",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2018-17919",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-17919",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-17919",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-20455",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-500",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account \"default\" with its default password to login to XMeye and access/view video streams. Hangzhou Xiongmai Information Technology Co., Ltd. focuses on security monitoring and video intelligence research and development. Multiple security weaknesses\n2. Security bypass vulnerability\nSuccessfully exploiting these issues allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, bypass the authentication mechanism and gain unauthorized access. This may aid in launching further attacks. \nXMeye P2P Cloud Server product is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17919"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17919",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-282-06",
"trust": 2.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20455",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-500",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238",
"trust": 0.8
},
{
"db": "BID",
"id": "105722",
"trust": 0.3
},
{
"db": "IVD",
"id": "E2FD1B21-39AB-11E9-9D4B-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"id": "VAR-201810-0497",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
}
]
},
"last_update_date": "2024-11-23T22:12:19.118000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.xiongmaitech.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
},
{
"problemtype": "CWE-912",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-282-06"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17919"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17919"
},
{
"trust": 0.6,
"url": "https://seclists.org/fulldisclosure/2018/oct/22"
},
{
"trust": 0.3,
"url": "https://www.xmeye.net/index"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"db": "BID",
"id": "105722"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "IVD",
"id": "e2fd1b21-39ab-11e9-9d4b-000c29342cb1"
},
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105722"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"date": "2018-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"date": "2018-10-10T15:29:00.487000",
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20455"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105722"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011238"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-500"
},
{
"date": "2024-11-21T03:55:12.570000",
"db": "NVD",
"id": "CVE-2018-17919"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server Vulnerabilities related to the use of hard-coded credentials",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011238"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-500"
}
],
"trust": 0.6
}
}
VAR-201611-0397
Vulnerability from variot - Updated: 2022-05-04 10:27Xiongmai camera has weak password in the background, allowing initial password login
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "xiongmai",
"version": ";*"
}
],
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xiongmai camera has weak password in the background, allowing initial password login",
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.2
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "IVD",
"id": "81A657C0-CD8C-11E6-9D9D-CEC0C932CE01",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
]
},
"id": "VAR-201611-0397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
]
},
"last_update_date": "2022-05-04T10:27:02.361000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-24T00:00:00",
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": []
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xiongmai camera weak password in the background",
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Weak password",
"sources": [
{
"db": "IVD",
"id": "81a657c0-cd8c-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.2
}
}
VAR-201611-0395
Vulnerability from variot - Updated: 2022-05-04 09:04Xiongmai camera video unauthorized access , Directly view camera images
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "xiongmai",
"version": ";*"
}
],
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xiongmai camera video unauthorized access , Directly view camera images",
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.2
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "IVD",
"id": "6D2393E8-CD8D-11E6-9D9D-CEC0C932CE01",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
]
},
"id": "VAR-201611-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
]
},
"last_update_date": "2022-05-04T09:04:51.389000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-24T00:00:00",
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": []
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xionmai camera unauthorized access",
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unauthorized access",
"sources": [
{
"db": "IVD",
"id": "6d2393e8-cd8d-11e6-9d9d-cec0c932ce01"
}
],
"trust": 0.2
}
}