Find a vulnerability
Search criteria
3 vulnerabilities by hootoo
VAR-201705-4033
Vulnerability from variot - Updated: 2025-04-20 23:40Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HTTP Cookie header. HooTooTripMate6 (TM6) is a portable wireless router from HooToo Corporation of the United States. Vshttpd (aka ioos) is one of the http servers. A heap buffer overflow vulnerability exists in vshttpd in HooTooTM6 firmware 2.000.030 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-4033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "trip mate 6",
"scope": "lte",
"trust": 1.8,
"vendor": "hootoo",
"version": "2.000.030"
},
{
"model": "trip mate 6",
"scope": "lte",
"trust": 0.6,
"vendor": "hootoo",
"version": "\u003c=2.000.030"
},
{
"model": "trip mate 6",
"scope": "eq",
"trust": 0.6,
"vendor": "hootoo",
"version": "2.000.030"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:hootoo:trip_mate_6_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
}
]
},
"cve": "CVE-2017-9025",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-9025",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-07296",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-117228",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9025",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9025",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9025",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-07296",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-824",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117228",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "VULHUB",
"id": "VHN-117228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HTTP Cookie header. HooTooTripMate6 (TM6) is a portable wireless router from HooToo Corporation of the United States. Vshttpd (aka ioos) is one of the http servers. A heap buffer overflow vulnerability exists in vshttpd in HooTooTM6 firmware 2.000.030 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9025"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "VULHUB",
"id": "VHN-117228"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9025",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-824",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-07296",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117228",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "VULHUB",
"id": "VHN-117228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"id": "VAR-201705-4033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "VULHUB",
"id": "VHN-117228"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
}
]
},
"last_update_date": "2025-04-20T23:40:05.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT-TM06 - TripMate Elite (New) Wireless Travel Router",
"trust": 0.8,
"url": "https://www.hootoo.com/hootoo-tripmate-ht-tm06-wireless-router.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://debugtrap.com/2017/05/09/tm06-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9025"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9025"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "VULHUB",
"id": "VHN-117228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"db": "VULHUB",
"id": "VHN-117228"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"date": "2017-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-117228"
},
{
"date": "2017-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"date": "2017-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"date": "2017-05-17T10:29:00.197000",
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07296"
},
{
"date": "2017-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-117228"
},
{
"date": "2017-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004125"
},
{
"date": "2017-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-824"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9025"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HooToo Trip Mate 6 Firmware vshttpd Heap buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004125"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-824"
}
],
"trust": 0.6
}
}
VAR-201705-4034
Vulnerability from variot - Updated: 2025-04-20 23:32Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted fname parameter of a GET request. HooTooTripMate6 (TM6) is a portable wireless router from HooToo Corporation of the United States. Vshttpd (aka ioos) is one of the http servers. A stack buffer overflow vulnerability exists in vshttpd in HooTooTM6 firmware 2.000.030 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-4034",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "trip mate 6",
"scope": "lte",
"trust": 1.8,
"vendor": "hootoo",
"version": "2.000.030"
},
{
"model": "trip mate 6",
"scope": "lte",
"trust": 0.6,
"vendor": "hootoo",
"version": "\u003c=2.000.030"
},
{
"model": "trip mate 6",
"scope": "eq",
"trust": 0.6,
"vendor": "hootoo",
"version": "2.000.030"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:hootoo:trip_mate_6_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
}
]
},
"cve": "CVE-2017-9026",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-9026",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-07295",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-117229",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9026",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9026",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-9026",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-07295",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-823",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-117229",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "VULHUB",
"id": "VHN-117229"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack buffer overflow in vshttpd (aka ioos) in HooToo Trip Mate 6 (TM6) firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted fname parameter of a GET request. HooTooTripMate6 (TM6) is a portable wireless router from HooToo Corporation of the United States. Vshttpd (aka ioos) is one of the http servers. A stack buffer overflow vulnerability exists in vshttpd in HooTooTM6 firmware 2.000.030 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9026"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "VULHUB",
"id": "VHN-117229"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9026",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-823",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-07295",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117229",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "VULHUB",
"id": "VHN-117229"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"id": "VAR-201705-4034",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "VULHUB",
"id": "VHN-117229"
}
],
"trust": 1.325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
}
]
},
"last_update_date": "2025-04-20T23:32:12.512000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT-TM06 - TripMate Elite (New) Wireless Travel Router",
"trust": 0.8,
"url": "https://www.hootoo.com/hootoo-tripmate-ht-tm06-wireless-router.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117229"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://debugtrap.com/2017/05/09/tm06-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9026"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9026"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "VULHUB",
"id": "VHN-117229"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"db": "VULHUB",
"id": "VHN-117229"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"date": "2017-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-117229"
},
{
"date": "2017-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"date": "2017-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"date": "2017-05-17T10:29:00.230000",
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07295"
},
{
"date": "2017-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-117229"
},
{
"date": "2017-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004126"
},
{
"date": "2017-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-823"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9026"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HooToo Trip Mate 6 Firmware vshttpd Stack buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004126"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-823"
}
],
"trust": 0.6
}
}
VAR-201906-1177
Vulnerability from variot - Updated: 2024-11-23 22:41HooToo TripMate Titan HT-TM05 and HT-05 routers with firmware 2.000.022 and 2.000.082 allow remote command execution via shell metacharacters in the mac parameter of a protocol.csp?function=set&fname=security&opt=mac_table request. HooToo TripMate Titan HT-TM05 and HT-05 Router firmware includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HooToo TripMate Titan HT-TM05 is a portable wireless router produced by American company HooToo. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "tripmate titan ht-tm05",
"scope": "eq",
"trust": 1.8,
"vendor": "hootoo",
"version": "2.000.022"
},
{
"_id": null,
"model": "tripmate titan ht-tm05",
"scope": "eq",
"trust": 1.8,
"vendor": "hootoo",
"version": "2.000.082"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
},
{
"db": "NVD",
"id": "CVE-2018-20841"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:hootoo:tripmate_titan_ht-tm05_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
}
]
},
"cve": "CVE-2018-20841",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-20841",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-131688",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-20841",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-20841",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-20841",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-398",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-131688",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-20841",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131688"
},
{
"db": "VULMON",
"id": "CVE-2018-20841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-398"
},
{
"db": "NVD",
"id": "CVE-2018-20841"
}
]
},
"description": {
"_id": null,
"data": "HooToo TripMate Titan HT-TM05 and HT-05 routers with firmware 2.000.022 and 2.000.082 allow remote command execution via shell metacharacters in the mac parameter of a protocol.csp?function=set\u0026fname=security\u0026opt=mac_table request. HooToo TripMate Titan HT-TM05 and HT-05 Router firmware includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HooToo TripMate Titan HT-TM05 is a portable wireless router produced by American company HooToo. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-20841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
},
{
"db": "VULHUB",
"id": "VHN-131688"
},
{
"db": "VULMON",
"id": "CVE-2018-20841"
}
],
"trust": 1.8
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-20841",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "46143",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-398",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-131688",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-20841",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131688"
},
{
"db": "VULMON",
"id": "CVE-2018-20841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-398"
},
{
"db": "NVD",
"id": "CVE-2018-20841"
}
]
},
"id": "VAR-201906-1177",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-131688"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:41:28.759000Z",
"patch": {
"_id": null,
"data": [
{
"title": "HT-TM05 TripMate Versatile Wireless N Travel Router",
"trust": 0.8,
"url": "https://www.hootoo.com/hootoo-tripmate-ht-tm05-wireless-router.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131688"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
},
{
"db": "NVD",
"id": "CVE-2018-20841"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://ioactive.com/hootoo-tripmate-routers-are-cute-but/"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46143"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20841"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20841"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-131688"
},
{
"db": "VULMON",
"id": "CVE-2018-20841"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-398"
},
{
"db": "NVD",
"id": "CVE-2018-20841"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-131688",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2018-20841",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015609",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201906-398",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-20841",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-06-11T00:00:00",
"db": "VULHUB",
"id": "VHN-131688",
"ident": null
},
{
"date": "2019-06-11T00:00:00",
"db": "VULMON",
"id": "CVE-2018-20841",
"ident": null
},
{
"date": "2019-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015609",
"ident": null
},
{
"date": "2019-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-398",
"ident": null
},
{
"date": "2019-06-11T21:29:00.567000",
"db": "NVD",
"id": "CVE-2018-20841",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-131688",
"ident": null
},
{
"date": "2019-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2018-20841",
"ident": null
},
{
"date": "2019-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015609",
"ident": null
},
{
"date": "2019-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-398",
"ident": null
},
{
"date": "2024-11-21T04:02:17.343000",
"db": "NVD",
"id": "CVE-2018-20841",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-398"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "HooToo TripMate Titan HT-TM05 and HT-05 In router firmware OS Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015609"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-398"
}
],
"trust": 0.6
}
}