Find a vulnerability
Search criteria
32 vulnerabilities by netcomm
CVE-2025-4010 (GCVE-0-2025-4010)
Vulnerability from nvd – Published: 2025-06-02 07:00 – Updated: 2025-06-02 13:33- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
| URL | Tags |
|---|---|
| https://www.onekey.com/resource/security-advisory… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T13:32:46.531648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T13:33:15.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "NTC 6200",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NWL-222",
"vendor": "Netcomm",
"versions": [
{
"lessThan": "2.1.21.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ONEKEY Research Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple\u0026nbsp;endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges."
}
],
"value": "The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple\u00a0endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T07:00:52.366Z",
"orgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"shortName": "ONEKEY"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.onekey.com/resource/security-advisory-remote-command-execution-on-netcomm-ntc-6200-and-nwl-222"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary Command Injection in Netcom NTC-6200 \u0026 NWL-222",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"assignerShortName": "ONEKEY",
"cveId": "CVE-2025-4010",
"datePublished": "2025-06-02T07:00:52.366Z",
"dateReserved": "2025-04-27T08:51:17.231Z",
"dateUpdated": "2025-06-02T13:33:15.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4874 (GCVE-0-2022-4874)
Vulnerability from nvd – Published: 2023-01-11 20:39 – Updated: 2025-11-04 19:14{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:14:31.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
},
{
"url": "https://www.kb.cert.org/vuls/id/986018"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4874",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T14:13:36.023102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T14:14:13.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NF20",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NF20MESH",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NL1902",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a \"fake login\" to give the request an active session to load the file and not redirect to the login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-288",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T20:39:25.219Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authenticated bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows unauthenticated user to get access to content.",
"x_generator": {
"engine": "VINCE 2.0.5",
"env": "prod",
"origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4874"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2022-4874",
"datePublished": "2023-01-11T20:39:25.219Z",
"dateReserved": "2023-01-04T14:23:54.409Z",
"dateUpdated": "2025-11-04T19:14:31.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-4873 (GCVE-0-2022-4873)
Vulnerability from nvd – Published: 2023-01-11 20:39 – Updated: 2025-11-04 19:14{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:14:30.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
},
{
"url": "https://www.kb.cert.org/vuls/id/986018"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T14:10:05.519246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T14:10:34.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NF20",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NF20MESH",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NL1902",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T20:39:53.548Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack based overflow on Netcomm router models NF20MESH, NF20, and NL1902",
"x_generator": {
"engine": "VINCE 2.0.5",
"env": "prod",
"origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4873"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2022-4873",
"datePublished": "2023-01-11T20:39:53.548Z",
"dateReserved": "2023-01-04T14:15:10.778Z",
"dateUpdated": "2025-11-04T19:14:30.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2017-11647 (GCVE-0-2017-11647)
Vulnerability from nvd – Published: 2017-07-28 05:00 – Updated: 2024-08-05 18:12- n/a
| URL | Tags |
|---|---|
| https://iscouncil.blogspot.com/2017/07/cross-site… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T04:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html",
"refsource": "MISC",
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11647",
"datePublished": "2017-07-28T05:00:00.000Z",
"dateReserved": "2017-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11646 (GCVE-0-2017-11646)
Vulnerability from nvd – Published: 2017-07-28 05:00 – Updated: 2024-08-05 18:12- n/a
| URL | Tags |
|---|---|
| https://iscouncil.blogspot.com/2017/07/cross-site… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T04:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html",
"refsource": "MISC",
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11646",
"datePublished": "2017-07-28T05:00:00.000Z",
"dateReserved": "2017-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11645 (GCVE-0-2017-11645)
Vulnerability from nvd – Published: 2017-07-28 05:00 – Updated: 2024-08-05 18:12- n/a
| URL | Tags |
|---|---|
| https://iscouncil.blogspot.com/2017/07/access-vio… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T04:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html",
"refsource": "MISC",
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11645",
"datePublished": "2017-07-28T05:00:00.000Z",
"dateReserved": "2017-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4010 (GCVE-0-2025-4010)
Vulnerability from cvelistv5 – Published: 2025-06-02 07:00 – Updated: 2025-06-02 13:33- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
| URL | Tags |
|---|---|
| https://www.onekey.com/resource/security-advisory… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T13:32:46.531648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T13:33:15.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "NTC 6200",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NWL-222",
"vendor": "Netcomm",
"versions": [
{
"lessThan": "2.1.21.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ONEKEY Research Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple\u0026nbsp;endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges."
}
],
"value": "The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple\u00a0endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T07:00:52.366Z",
"orgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"shortName": "ONEKEY"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.onekey.com/resource/security-advisory-remote-command-execution-on-netcomm-ntc-6200-and-nwl-222"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary Command Injection in Netcom NTC-6200 \u0026 NWL-222",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846",
"assignerShortName": "ONEKEY",
"cveId": "CVE-2025-4010",
"datePublished": "2025-06-02T07:00:52.366Z",
"dateReserved": "2025-04-27T08:51:17.231Z",
"dateUpdated": "2025-06-02T13:33:15.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4873 (GCVE-0-2022-4873)
Vulnerability from cvelistv5 – Published: 2023-01-11 20:39 – Updated: 2025-11-04 19:14{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:14:30.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
},
{
"url": "https://www.kb.cert.org/vuls/id/986018"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T14:10:05.519246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T14:10:34.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NF20",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NF20MESH",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NL1902",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T20:39:53.548Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack based overflow on Netcomm router models NF20MESH, NF20, and NL1902",
"x_generator": {
"engine": "VINCE 2.0.5",
"env": "prod",
"origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4873"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2022-4873",
"datePublished": "2023-01-11T20:39:53.548Z",
"dateReserved": "2023-01-04T14:15:10.778Z",
"dateUpdated": "2025-11-04T19:14:30.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-4874 (GCVE-0-2022-4874)
Vulnerability from cvelistv5 – Published: 2023-01-11 20:39 – Updated: 2025-11-04 19:14{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:14:31.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
},
{
"url": "https://www.kb.cert.org/vuls/id/986018"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4874",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T14:13:36.023102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T14:14:13.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NF20",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NF20MESH",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
},
{
"product": "NL1902",
"vendor": "Netcomm",
"versions": [
{
"status": "affected",
"version": "R6B025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a \"fake login\" to give the request an active session to load the file and not redirect to the login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-288",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-11T20:39:25.219Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authenticated bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows unauthenticated user to get access to content.",
"x_generator": {
"engine": "VINCE 2.0.5",
"env": "prod",
"origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4874"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2022-4874",
"datePublished": "2023-01-11T20:39:25.219Z",
"dateReserved": "2023-01-04T14:23:54.409Z",
"dateUpdated": "2025-11-04T19:14:31.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2017-11646 (GCVE-0-2017-11646)
Vulnerability from cvelistv5 – Published: 2017-07-28 05:00 – Updated: 2024-08-05 18:12- n/a
| URL | Tags |
|---|---|
| https://iscouncil.blogspot.com/2017/07/cross-site… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T04:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html",
"refsource": "MISC",
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11646",
"datePublished": "2017-07-28T05:00:00.000Z",
"dateReserved": "2017-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11645 (GCVE-0-2017-11645)
Vulnerability from cvelistv5 – Published: 2017-07-28 05:00 – Updated: 2024-08-05 18:12- n/a
| URL | Tags |
|---|---|
| https://iscouncil.blogspot.com/2017/07/access-vio… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T04:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html",
"refsource": "MISC",
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11645",
"datePublished": "2017-07-28T05:00:00.000Z",
"dateReserved": "2017-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11647 (GCVE-0-2017-11647)
Vulnerability from cvelistv5 – Published: 2017-07-28 05:00 – Updated: 2024-08-05 18:12- n/a
| URL | Tags |
|---|---|
| https://iscouncil.blogspot.com/2017/07/cross-site… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:40.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T04:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html",
"refsource": "MISC",
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11647",
"datePublished": "2017-07-28T05:00:00.000Z",
"dateReserved": "2017-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:12:40.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201707-0799
Vulnerability from variot - Updated: 2025-04-20 23:36NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html. NetComm Wireless 4GT101W Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetCommWireless4GT101Wrouters is a wireless router product from NetCommWireless, Australia. A security vulnerability exists in the NetCommWireless4GT101W router running hardware version 0.01/software version 1.1.8.8/bootloader version 1.1.3. The vulnerability stems from a program failing to perform identity on logfile.html, status.html, or system_config.html pages. verification. An attacker could exploit the vulnerability to obtain information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0799",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "4gt101w software",
"scope": "eq",
"trust": 2.4,
"vendor": "netcomm",
"version": "1.1.8.8"
},
{
"model": "4gt101w bootloader",
"scope": "eq",
"trust": 1.0,
"vendor": "netcomm",
"version": "1.1.3"
},
{
"model": "4gt101w boot loader",
"scope": "eq",
"trust": 0.8,
"vendor": "netcomm",
"version": "1.1.3"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "0.01"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "v1.1.8.8"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "1.1.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:netcommwireless:4gt101w_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:4gt101w_bootloader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
}
]
},
"cve": "CVE-2017-11645",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-11645",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-19556",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-11645",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-11645",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-11645",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-19556",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-1380",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html. NetComm Wireless 4GT101W Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetCommWireless4GT101Wrouters is a wireless router product from NetCommWireless, Australia. A security vulnerability exists in the NetCommWireless4GT101W router running hardware version 0.01/software version 1.1.8.8/bootloader version 1.1.3. The vulnerability stems from a program failing to perform identity on logfile.html, status.html, or system_config.html pages. verification. An attacker could exploit the vulnerability to obtain information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11645"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "CNVD",
"id": "CNVD-2017-19556"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-11645",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-19556",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1380",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"id": "VAR-201707-0799",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
}
]
},
"last_update_date": "2025-04-20T23:36:48.871000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://iscouncil.blogspot.com/2017/07/access-violation-vulnerability-in.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11645"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11645"
},
{
"trust": 0.8,
"url": "https://iscouncil.blogspot.jp/2017/07/access-violation-vulnerability-in.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"date": "2017-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"date": "2017-07-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"date": "2017-07-28T05:29:00.387000",
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19556"
},
{
"date": "2017-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006637"
},
{
"date": "2017-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-1380"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-11645"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless 4GT101W Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006637"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-1380"
}
],
"trust": 0.6
}
}
VAR-201707-0843
Vulnerability from variot - Updated: 2025-04-20 23:34NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device. NetComm Wireless 4GT101W Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetCommWireless4GT101Wrouters is a wireless router product from NetCommWireless, Australia. A cross-site request forgery vulnerability exists in the NetCommWireless4GT101W router running hardware version 0.01/software version 1.1.8.8/bootloader version 1.1.3. A remote attacker could exploit this vulnerability to perform unauthorized operations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0843",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "4gt101w software",
"scope": "eq",
"trust": 2.4,
"vendor": "netcomm",
"version": "1.1.8.8"
},
{
"model": "4gt101w bootloader",
"scope": "eq",
"trust": 1.0,
"vendor": "netcomm",
"version": "1.1.3"
},
{
"model": "4gt101w boot loader",
"scope": "eq",
"trust": 0.8,
"vendor": "netcomm",
"version": "1.1.3"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "0.01"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "v1.1.8.8"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "1.1.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:netcommwireless:4gt101w_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:4gt101w_bootloader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
}
]
},
"cve": "CVE-2017-11646",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-11646",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-19557",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-11646",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-11646",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-11646",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-19557",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-1312",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device. NetComm Wireless 4GT101W Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetCommWireless4GT101Wrouters is a wireless router product from NetCommWireless, Australia. A cross-site request forgery vulnerability exists in the NetCommWireless4GT101W router running hardware version 0.01/software version 1.1.8.8/bootloader version 1.1.3. A remote attacker could exploit this vulnerability to perform unauthorized operations",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11646"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "CNVD",
"id": "CNVD-2017-19557"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-11646",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-19557",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"id": "VAR-201707-0843",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
}
]
},
"last_update_date": "2025-04-20T23:34:19.994000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11646"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11646"
},
{
"trust": 0.8,
"url": "https://iscouncil.blogspot.jp/2017/07/cross-site-request-forgery.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"date": "2017-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"date": "2017-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"date": "2017-07-28T05:29:00.417000",
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"date": "2017-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006638"
},
{
"date": "2017-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-1312"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-11646"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless 4GT101W Router Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19557"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-1312"
}
],
"trust": 0.6
}
}
VAR-201711-0017
Vulnerability from variot - Updated: 2025-04-20 23:29IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868. Vendors have confirmed this vulnerability IBM X-Force ID: 116868 It is released as.Information may be obtained. NetCommWirelessWirelessRouter is a wireless router from NetComm Australia. A security vulnerability exists in NetCommWirelessWirelessRouter that allows a remote attacker to exploit a vulnerability to submit a special request to execute arbitrary commands in the context of an application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0017",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "rational software architect design manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "rational doors next generation",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "wireless hspa 3g10wve-l101-s306ets",
"scope": null,
"trust": 0.9,
"vendor": "netcomm",
"version": null
},
{
"model": "rational collaborative lifecycle management",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational doors next generation",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational engineering lifecycle manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational quality manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational rhapsody design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational software architect design manager",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "rational team concert",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "wireless hspa 3g10wve-l101-s306ets",
"scope": "ne",
"trust": 0.3,
"vendor": "netcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "BID",
"id": "96384"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:rational_collaborative_lifecycle_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_doors_next_generation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_engineering_lifecycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_quality_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_rhapsody_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_software_architect_design_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:rational_team_concert",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bhadresh Patel.",
"sources": [
{
"db": "BID",
"id": "96384"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
}
],
"trust": 0.9
},
"cve": "CVE-2016-6024",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2016-6024",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-02427",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2016-6024",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-6024",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-6024",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-02427",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-811",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868. Vendors have confirmed this vulnerability IBM X-Force ID: 116868 It is released as.Information may be obtained. NetCommWirelessWirelessRouter is a wireless router from NetComm Australia. A security vulnerability exists in NetCommWirelessWirelessRouter that allows a remote attacker to exploit a vulnerability to submit a special request to execute arbitrary commands in the context of an application",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "BID",
"id": "96384"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6024",
"trust": 3.3
},
{
"db": "BID",
"id": "96384",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-02427",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "BID",
"id": "96384"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"id": "VAR-201711-0017",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
}
],
"trust": 1.2666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
}
]
},
"last_update_date": "2025-04-20T23:29:32.308000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2010512",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22010512"
},
{
"title": "Patch for NetCommWirelessWirelessRouter Remote Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/90004"
},
{
"title": "NetCommWireless Wireless Router Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68098"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22010512"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116868"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/96384"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6024"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6024"
},
{
"trust": 0.3,
"url": "http://www.netcommwireless.com/"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2016/may/18"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "BID",
"id": "96384"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"db": "BID",
"id": "96384"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"date": "2017-02-09T00:00:00",
"db": "BID",
"id": "96384"
},
{
"date": "2017-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"date": "2017-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"date": "2017-11-27T21:29:00.220000",
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-02427"
},
{
"date": "2017-03-07T01:06:00",
"db": "BID",
"id": "96384"
},
{
"date": "2017-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008865"
},
{
"date": "2017-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-811"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-6024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Jazz Information disclosure vulnerabilities in technology-based products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008865"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-811"
}
],
"trust": 0.6
}
}
VAR-201707-0844
Vulnerability from variot - Updated: 2025-04-20 23:26NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation. NetComm Wireless 4GT101W Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. NetCommWireless4GT101Wrouters is a wireless router product from NetCommWireless, Australia. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0844",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "4gt101w software",
"scope": "eq",
"trust": 2.4,
"vendor": "netcomm",
"version": "1.1.8.8"
},
{
"model": "4gt101w bootloader",
"scope": "eq",
"trust": 1.0,
"vendor": "netcomm",
"version": "1.1.3"
},
{
"model": "4gt101w boot loader",
"scope": "eq",
"trust": 0.8,
"vendor": "netcomm",
"version": "1.1.3"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "0.01"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "v1.1.8.8"
},
{
"model": "wireless 4gt101w routers",
"scope": "eq",
"trust": 0.6,
"vendor": "netcomm",
"version": "1.1.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:netcommwireless:4gt101w_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:4gt101w_bootloader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
}
]
},
"cve": "CVE-2017-11647",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-11647",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2017-19558",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2017-11647",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-11647",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-11647",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19558",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-1311",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation. NetComm Wireless 4GT101W Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. NetCommWireless4GT101Wrouters is a wireless router product from NetCommWireless, Australia. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11647"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "CNVD",
"id": "CNVD-2017-19558"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-11647",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-19558",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"id": "VAR-201707-0844",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
}
]
},
"last_update_date": "2025-04-20T23:26:03.084000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://iscouncil.blogspot.com/2017/07/cross-site-scripting-vulnerability-in.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11647"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11647"
},
{
"trust": 0.8,
"url": "https://iscouncil.blogspot.jp/2017/07/cross-site-scripting-vulnerability-in.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"date": "2017-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"date": "2017-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"date": "2017-07-28T05:29:00.450000",
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"date": "2017-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006639"
},
{
"date": "2017-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-1311"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-11647"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless 4GT101W Router Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19558"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-1311"
}
],
"trust": 0.6
}
}
VAR-201709-0051
Vulnerability from variot - Updated: 2025-04-20 23:21OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. UnifyOpenStage60 and so on are all IP phones from Unify. A remote attacker could exploit the vulnerability to exploit a man-in-the-middle attack or decrypt communication between legitimate users and devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openscape desk phone ip 35g hfa",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openscape desk phone ip 55g sip",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openstage 60",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openstage 20",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openscape desk phone ip 35g eco sip",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openstage 40",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openscape desk phone ip 55g hfa",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openstage 20e",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openscape desk phone ip 35g sip",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": "openstage 15",
"scope": "eq",
"trust": 1.6,
"vendor": "unify",
"version": "3.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unify",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "c1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "fr1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-24",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-8",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-nh",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1121-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ac",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-660hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-663hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p8702n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "pmg5318-b20a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "q1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-nb00",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3500-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30b",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg4380-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8324-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vsg1435-b101",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "openstage",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "60"
},
{
"model": "openscape desk phone ip 55g sip",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "v3"
},
{
"model": "openscape desk phone ip 35g sip",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "v3"
},
{
"model": "openstage",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "40"
},
{
"model": "openstage",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "20"
},
{
"model": "openstage 20e",
"scope": null,
"trust": 0.6,
"vendor": "unify",
"version": null
},
{
"model": "openstage",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "15"
},
{
"model": "openscape desk phone ip 55g hfa",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "v3"
},
{
"model": "openscape desk phone ip 35g hfa",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "v3"
},
{
"model": "openscape desk phone ip 35g eco hfa",
"scope": "eq",
"trust": 0.6,
"vendor": "unify",
"version": "v3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"cve": "CVE-2015-8251",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8251",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-8251",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-33799",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-86212",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-8251",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-8251",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-8251",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-33799",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-1157",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-86212",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "VULHUB",
"id": "VHN-86212"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone IP 55G HFA V3, OpenStage 15, 20E, 20, and 40 and OpenScape Desk Phone IP 35G HFA V3, and OpenScape Desk Phone IP 35G Eco HFA V3 use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. UnifyOpenStage60 and so on are all IP phones from Unify. A remote attacker could exploit the vulnerability to exploit a man-in-the-middle attack or decrypt communication between legitimate users and devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8251"
},
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "VULHUB",
"id": "VHN-86212"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2015-8251",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU96100360",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1157",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-33799",
"trust": 0.6
},
{
"db": "BID",
"id": "84118",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-86212",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "VULHUB",
"id": "VHN-86212"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"id": "VAR-201709-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "VULHUB",
"id": "VHN-86212"
}
],
"trust": 1.192671785
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-33799"
}
]
},
"last_update_date": "2025-04-20T23:21:26.580000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86212"
},
{
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/566724"
},
{
"trust": 1.7,
"url": "https://networks.unify.com/security/advisories/obso-1511-02-a.pdf"
},
{
"trust": 1.7,
"url": "https://networks.unify.com/security/advisories/obso-1511-02.pdf"
},
{
"trust": 1.7,
"url": "https://www.kb.cert.org/vuls/id/bluu-a2ppze"
},
{
"trust": 1.6,
"url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/certificates.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/ssh_host_keys.html"
},
{
"trust": 0.8,
"url": "https://scans.io/"
},
{
"trust": 0.8,
"url": "https://scans.io/series/ssh-rsa-full-ipv4"
},
{
"trust": 0.8,
"url": "https://scans.io/study/sonar.ssl"
},
{
"trust": 0.8,
"url": "https://censys.io"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96100360/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "VULHUB",
"id": "VHN-86212"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"db": "VULHUB",
"id": "VHN-86212"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"date": "2017-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-86212"
},
{
"date": "2016-02-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2017-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"date": "2017-09-25T21:29:00.913000",
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-06T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-33799"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-86212"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2017-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1157"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-8251"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1157"
}
],
"trust": 0.6
}
}
VAR-201710-0035
Vulnerability from variot - Updated: 2025-04-20 23:21Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. The Cisco RV320 Dual Gigabit WAN VPN is a router product from Cisco Systems, USA. Multiple Cisco Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks. This issue is being tracked by Cisco Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The flaw stems from the fact that the program does not generate unique keys and certificates
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "srp520-u",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.2.6"
},
{
"model": "rv180w",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.5.4"
},
{
"model": "srp520",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.01.29"
},
{
"model": "spa400",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1.2.2"
},
{
"model": "wap4410n",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.7.8"
},
{
"model": "rv220w",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.4.17"
},
{
"model": "pvc2300",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1.2.6"
},
{
"model": "rv120w",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.5.9"
},
{
"model": "wrv210",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.1.5"
},
{
"model": "rvs4000",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.3.4"
},
{
"model": "wrv200",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.39"
},
{
"model": "wvc2300",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1.2.6"
},
{
"model": "srw224p",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.2.4"
},
{
"model": "wap2000",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.8.0"
},
{
"model": "rv180",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.5.4"
},
{
"model": "wrp500",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.1.002"
},
{
"model": "wap4400n",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "rv325",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.1.10"
},
{
"model": "rtp300",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.24"
},
{
"model": "wrvs4400n",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.2.2"
},
{
"model": "rv320",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.3.1.10"
},
{
"model": "wap200",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.6.0"
},
{
"model": "wet200",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.8.0"
},
{
"model": "rv315w",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.01.03"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unify",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "c1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "fr1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-24",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-8",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-nh",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1121-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ac",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-660hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-663hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p8702n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "pmg5318-b20a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "q1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-nb00",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3500-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30b",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg4380-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8324-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vsg1435-b101",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "rv320 dual gigabit wan vpn router",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "rv325 dual gigabit wan vpn router",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "rv325 dual wan gigabit vpn router",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "rvs4000 4-port gigabit security router vpn",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "wrv210 wireless-g vpn router rangebooster",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "wap4410n wireless-n access point poe/advanced security",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "wrv200 wireless-g vpn router rangebooster",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "wrvs4400n wireless",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "srw224p",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.0.2.4"
},
{
"model": "wap4400n",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "wvc2300",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1.2.6"
},
{
"model": "rv180",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.5.4"
},
{
"model": "wap200",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.0.6.0"
},
{
"model": "wrvs4400n",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.0.2.2"
},
{
"model": "rv180w",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.5.4"
},
{
"model": "wap2000",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.0.8.0"
},
{
"model": "pvc2300",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1.2.6"
},
{
"model": "wet200",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.0.8.0"
},
{
"model": "wvc2300 wireless-g business internet video camera audio",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "wrvs4400n wireless-n gigabit security router vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.0"
},
{
"model": "wrv210 wireless-g vpn router rangebooster",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "wrv200 wireless-g vpn router rangebooster",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "wrp500 wireless-ac broadband router with phone ports",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20"
},
{
"model": "wet200 wireless-g business ethernet bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wap4410n wireless-n access point poe/advanced security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "wap4400n wireless-n access point poe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "wap2000 wireless-g access point poe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "wap200 wireless-g access point poe/rangebooster",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "srw224p 24-port 2-port gigabit switch webview/poe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10/100+-0"
},
{
"model": "spa400 internet telephony gateway with fxo ports",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40"
},
{
"model": "small business srp520-u models",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business srp520 models",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rvs4000 4-port gigabit security router vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rv325 dual wan gigabit vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv325 dual gigabit wan vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv320 dual gigabit wan vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv315w wireless-n vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv220w wireless network security firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv180w wireless-n multifunction vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv180 vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rv120w wireless-n vpn firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rtp300 broadband router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pvc2300 business internet video camera audio/poe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "BID",
"id": "78047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Viehb\u00f6ck of SEC Consult.",
"sources": [
{
"db": "BID",
"id": "78047"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6358",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6358",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07863",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84319",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-6358",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6358",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6358",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07863",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-426",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84319",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "VULHUB",
"id": "VHN-84319"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. The Cisco RV320 Dual Gigabit WAN VPN is a router product from Cisco Systems, USA. Multiple Cisco Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks. \nThis issue is being tracked by Cisco Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. The flaw stems from the fact that the program does not generate unique keys and certificates",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6358"
},
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "BID",
"id": "78047"
},
{
"db": "VULHUB",
"id": "VHN-84319"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2015-6358",
"trust": 3.4
},
{
"db": "BID",
"id": "78047",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1034257",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034255",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034258",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034256",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU96100360",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-426",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07863",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84319",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "VULHUB",
"id": "VHN-84319"
},
{
"db": "BID",
"id": "78047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"id": "VAR-201710-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "VULHUB",
"id": "VHN-84319"
}
],
"trust": 1.365750996923077
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07863"
}
]
},
"last_update_date": "2025-04-20T23:21:26.541000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
},
{
"title": "Patches for multiple Cisco product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/67387"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84319"
},
{
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/566724"
},
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151125-ci"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/78047"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034255"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034256"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034257"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034258"
},
{
"trust": 1.6,
"url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/certificates.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/ssh_host_keys.html"
},
{
"trust": 0.8,
"url": "https://scans.io/"
},
{
"trust": 0.8,
"url": "https://scans.io/series/ssh-rsa-full-ipv4"
},
{
"trust": 0.8,
"url": "https://scans.io/study/sonar.ssl"
},
{
"trust": 0.8,
"url": "https://censys.io"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96100360/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/bluu-a2nqxj"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "VULHUB",
"id": "VHN-84319"
},
{
"db": "BID",
"id": "78047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"db": "VULHUB",
"id": "VHN-84319"
},
{
"db": "BID",
"id": "78047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2015-12-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"date": "2017-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-84319"
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "78047"
},
{
"date": "2016-02-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2015-11-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"date": "2017-10-12T15:29:00.217000",
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-06T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2015-12-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07863"
},
{
"date": "2017-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-84319"
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "78047"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2017-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-426"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-6358"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-426"
}
],
"trust": 0.6
}
}
VAR-201709-0027
Vulnerability from variot - Updated: 2025-04-20 23:21ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. ZyXEL Access Point NWA1100-N is a wireless network receiving device from ZyXEL Technology. Multiple ZyXEL Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0027",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gs1900-8",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-24",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3500-n000",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "p8702n",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "pmg5318-b20a",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "c1000z",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "q1000",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-nb00",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "fr1000z",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-n000",
"scope": "eq",
"trust": 1.6,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg4380-b10a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ac",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30b",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vsg1435-b101",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ni",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1121-ni",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b30a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b10a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-nh",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-n",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b10a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "p-660hn-51",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "p-663hn-51",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8324-b10a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "access point nwa1100-n",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "access point nwa1100-nh",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "access point nwa1123-ac",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "access point nwa1121-ni",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe p-660hn-51",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe p-663hn-51",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg1312-b10a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg1312-b30a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg1312-b30b",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg4380-b10a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg8324-b10a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg8924-b10a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vmg8924-b30a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "dsl cpe vsg1435-b101",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "gpon pmg1006-b20a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "gpon pmg5318-b20a",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "small business gateway sbg3300-n000",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "small business gateway sbg3300-nb00",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "small business gateway sbg3500-n000",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "switch gs1900-8",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "switch gs1900-24",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "wimax max208m2w",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "wimax max218m2w",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "wimax max218mw",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "wimax max308m",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "project model c1000z",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "project model q1000",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "project model fr1000z",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": "project model p8702n",
"scope": null,
"trust": 0.9,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unify",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "c1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "fr1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-24",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-8",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-nh",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1121-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ac",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-660hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-663hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p8702n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "pmg5318-b20a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "q1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-nb00",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3500-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30b",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg4380-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8324-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vsg1435-b101",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "BID",
"id": "78214"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Viehb?ck of SEC Consult.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
}
],
"trust": 0.6
},
"cve": "CVE-2015-7256",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7256",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-7256",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-08082",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85217",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-7256",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7256",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7256",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-08082",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-204",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85217",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "VULHUB",
"id": "VHN-85217"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked. ZyXEL Access Point NWA1100-N is a wireless network receiving device from ZyXEL Technology. Multiple ZyXEL Products are prone to an information-disclosure vulnerability. Successful exploits will lead to other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7256"
},
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "BID",
"id": "78214"
},
{
"db": "VULHUB",
"id": "VHN-85217"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2015-7256",
"trust": 3.4
},
{
"db": "BID",
"id": "78214",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU96100360",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-204",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-08082",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85217",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "VULHUB",
"id": "VHN-85217"
},
{
"db": "BID",
"id": "78214"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"id": "VAR-201709-0027",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "VULHUB",
"id": "VHN-85217"
}
],
"trust": 1.4433235866666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08082"
}
]
},
"last_update_date": "2025-04-20T23:21:26.498000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
},
{
"title": "Patches for multiple ZyXEL product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/68153"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85217"
},
{
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/566724"
},
{
"trust": 2.0,
"url": "http://www.zyxel.com/support/announcement_ssh_private_key_and_certificate_vulnerability.shtml"
},
{
"trust": 1.6,
"url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/78214"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/certificates.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/ssh_host_keys.html"
},
{
"trust": 0.8,
"url": "https://scans.io/"
},
{
"trust": 0.8,
"url": "https://scans.io/series/ssh-rsa-full-ipv4"
},
{
"trust": 0.8,
"url": "https://scans.io/study/sonar.ssl"
},
{
"trust": 0.8,
"url": "https://censys.io"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96100360/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
},
{
"trust": 0.3,
"url": "http://www.zyxel.com/th/th/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/bluu-a2nqyp"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "VULHUB",
"id": "VHN-85217"
},
{
"db": "BID",
"id": "78214"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"db": "VULHUB",
"id": "VHN-85217"
},
{
"db": "BID",
"id": "78214"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2015-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-85217"
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "78214"
},
{
"date": "2016-02-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2015-11-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"date": "2017-09-28T01:29:00.670000",
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-06T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2015-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08082"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-85217"
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "78214"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2015-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-204"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-7256"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-204"
}
],
"trust": 0.6
}
}
VAR-201708-0143
Vulnerability from variot - Updated: 2025-04-20 23:21ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. As a result, confidential information may be leaked. ZTEOX-330P and others are wireless router products of China ZTE Corporation (ZTE). An information disclosure vulnerability exists in several ZTE products. The following products are affected: ZTE OX-330P; ZXHN H108N; W300V1.0.0S_ZRD_TR1_D68; HG110; GAN9.8T101A-B; MF28G;
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0143",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mf28g",
"scope": "eq",
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": "hg110",
"scope": "eq",
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h108n",
"scope": "eq",
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": "gan9.8t101a-b",
"scope": "eq",
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": "ox-330p",
"scope": "eq",
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": "w300v1.0.0s zrd tr1 d68",
"scope": "eq",
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": "zxhn h108n",
"scope": null,
"trust": 1.2,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unify",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "c1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "fr1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-24",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-8",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-nh",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1121-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ac",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-660hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-663hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p8702n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "pmg5318-b20a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "q1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-nb00",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3500-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30b",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg4380-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8324-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vsg1435-b101",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "ox-330p",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
},
{
"model": "w300v1.0.0s zrd tr1 d68",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
},
{
"model": "hg110",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
},
{
"model": "gan9.8t101a-b",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
},
{
"model": "mf28g",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"cve": "CVE-2015-7255",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7255",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-33516",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-85216",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-7255",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7255",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-7255",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-33516",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1334",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85216",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "VULHUB",
"id": "VHN-85216"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials or other sensitive information via a man-in-the-middle attack, passive decryption attack, or impersonating a legitimate device. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. As a result, confidential information may be leaked. ZTEOX-330P and others are wireless router products of China ZTE Corporation (ZTE). An information disclosure vulnerability exists in several ZTE products. The following products are affected: ZTE OX-330P; ZXHN H108N; W300V1.0.0S_ZRD_TR1_D68; HG110; GAN9.8T101A-B; MF28G;",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7255"
},
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "VULHUB",
"id": "VHN-85216"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2015-7255",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU96100360",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1334",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-33516",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85216",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "VULHUB",
"id": "VHN-85216"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"id": "VAR-201708-0143",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "VULHUB",
"id": "VHN-85216"
}
],
"trust": 1.28941403
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-33516"
}
]
},
"last_update_date": "2025-04-20T23:21:26.460000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85216"
},
{
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/566724"
},
{
"trust": 1.7,
"url": "https://www.kb.cert.org/vuls/id/bluu-a2nqyr"
},
{
"trust": 1.6,
"url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
},
{
"trust": 1.6,
"url": "https://github.com/sec-consult/houseofkeys/search?p=3\u0026q=zte\u0026type=\u0026utf8=%e2%9c%93"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/certificates.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/ssh_host_keys.html"
},
{
"trust": 0.8,
"url": "https://scans.io/"
},
{
"trust": 0.8,
"url": "https://scans.io/series/ssh-rsa-full-ipv4"
},
{
"trust": 0.8,
"url": "https://scans.io/study/sonar.ssl"
},
{
"trust": 0.8,
"url": "https://censys.io"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96100360/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
},
{
"trust": 0.1,
"url": "https://github.com/sec-consult/houseofkeys/search?p=3\u0026amp;q=zte\u0026amp;type=\u0026amp;utf8=%e2%9c%93"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "VULHUB",
"id": "VHN-85216"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"db": "VULHUB",
"id": "VHN-85216"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2017-11-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-85216"
},
{
"date": "2016-02-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2017-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"date": "2017-08-29T15:29:00.517000",
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-06T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2017-11-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-33516"
},
{
"date": "2017-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-85216"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2017-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1334"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-7255"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1334"
}
],
"trust": 0.6
}
}
VAR-201702-0400
Vulnerability from variot - Updated: 2025-04-20 23:20ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter. HELPNetCommWirelessHSPA3G10WVE is a wireless router product from HELP of the United Arab Emirates. There is a security vulnerability in the ping.cgi file in the NetCommWireless HSPA 3G10WVE wireless router using firmware versions earlier than 3G10WVE-L101-S306ETS-C01_R05. Title:
NetCommWireless HSPA 3G10WVE Wireless Router \x96 Multiple vulnerabilities
Credit:
Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com
CVE:
CVE-2015-6023, CVE-2016-6024
Date:
03-05-2016 (dd/mm/yyyy)
Vendor:
NetComm Wireless is a leading developer and supplier of high performance communication devices that connect businesses and people to the internet.
Products and services: Wireless 3G/4G broadband devices Custom engineered technologies Broadband communication devices
Customers: Telecommunications carriers Internet Service Providers System Integrators Channel partners Enterprise customers
Product:
HSPA 3G10WVE is a wireless router
It integrates a wireless LAN, HSPA module and voice gateway into one stylish unit. Insert an active HSPA SIM Card into the slot on the rear panel & get instant access to 3G internet connection. Etisalat HSPA 3G10WVE wireless router incorporates a WLAN 802.11b/g access point, two Ethernet 10/100Mbps ports for voice & fax. Featuring voice port which means that one can stay connected using the internet & phone. If one need a flexible internet connection for his business or at home; this is the perfect solution.
Customer Product link: http://www.etisalat.ae/nrd/en/generic/3.5g_router.jsp
Abstract:
Multiple vulnerabilities in the HSPA 3G10WVE wireless router enable an anonymous unauthorized attacker to 1) bypass authentication and gain unauthorized access of router's network troubleshooting page (ping.cgi) and 2) exploit a command injection vulnerability on ping.cgi, which could result in a complete system/network compromise.
Report-Timeline:
03-09-2015: Vendor notification 08-09-2015: Vendor Response/Feedback 02-05-2016: Vendor Fix/Patch 03-05-2016: Public Disclosure
Affected Software Version:
3G10WVE-L101-S306ETS-C01_R03
Exploitation-Technique:
Remote
Severity Rating (CVSS):
10.0 (Critical) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Details:
Below listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network.
1) Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023 2) Command injection vulnerability - CVE-2016-6024
Vulnerable module/page/application: ping.cgi
Vulnerable parameter: DIA_IPADDRESS
Proof Of Concept:
PoC URL: http(s):///ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd
PoC Video: https://www.youtube.com/watch?v=FS43MRG7RDk
Patched/Fixed Firmware and notes:
ftp://files.planetnetcomm.com/3G10WVE/3G10WVE-L101-S306ETS-C01_R05.bin
NOTE: Verified only by Vendor
Credits:
Bhadresh Patel Senior Security Analyst HelpAG (www.helpag.com)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0400",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hspa 3g10wve",
"scope": "eq",
"trust": 1.6,
"vendor": "netcommwireless",
"version": "3g10wve-l101-s306ets-c01_r03"
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": "lt",
"trust": 0.8,
"vendor": "netcomm",
"version": "3g10wve-l101-s306ets-c01_r05"
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": null,
"trust": 0.6,
"vendor": "help",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:netcommwireless:hspa_3g10wve",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:hspa_3g10wve_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bhadresh Patel",
"sources": [
{
"db": "PACKETSTORM",
"id": "136901"
}
],
"trust": 0.1
},
"cve": "CVE-2015-6024",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6024",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-02893",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-83985",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6024",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6024",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2015-6024",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2016-02893",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-126",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-83985",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-6024",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter. HELPNetCommWirelessHSPA3G10WVE is a wireless router product from HELP of the United Arab Emirates. There is a security vulnerability in the ping.cgi file in the NetCommWireless HSPA 3G10WVE wireless router using firmware versions earlier than 3G10WVE-L101-S306ETS-C01_R05. Title:\n====\n\nNetCommWireless HSPA 3G10WVE Wireless Router \\x96 Multiple vulnerabilities\n\nCredit:\n======\n\nName: Bhadresh Patel\nCompany/affiliation: HelpAG\nWebsite: www.helpag.com\n\nCVE:\n=====\n\nCVE-2015-6023, CVE-2016-6024\n\nDate:\n====\n\n03-05-2016 (dd/mm/yyyy)\n\nVendor:\n======\n\nNetComm Wireless is a leading developer and supplier of high performance communication devices that connect businesses and people to the internet. \n\nProducts and services:\nWireless 3G/4G broadband devices\nCustom engineered technologies\nBroadband communication devices\n\nCustomers:\nTelecommunications carriers\nInternet Service Providers\nSystem Integrators\nChannel partners\nEnterprise customers\n\nProduct:\n=======\n\nHSPA 3G10WVE is a wireless router\n\nIt integrates a wireless LAN, HSPA module and voice gateway into one stylish unit. Insert an active HSPA SIM Card into the slot on the rear panel \u0026 get instant access to 3G internet connection. Etisalat HSPA 3G10WVE wireless router incorporates a WLAN 802.11b/g access point, two Ethernet 10/100Mbps ports for voice \u0026 fax. Featuring voice port which means that one can stay connected using the internet \u0026 phone. If one need a flexible internet connection for his business or at home; this is the perfect solution. \n\nCustomer Product link: http://www.etisalat.ae/nrd/en/generic/3.5g_router.jsp\n\n\nAbstract:\n=======\n\nMultiple vulnerabilities in the HSPA 3G10WVE wireless router enable an anonymous unauthorized attacker to 1) bypass authentication and gain unauthorized access of router\u0027s network troubleshooting page (ping.cgi) and 2) exploit a command injection vulnerability on ping.cgi, which could result in a complete system/network compromise. \n\nReport-Timeline:\n============\n03-09-2015: Vendor notification\n08-09-2015: Vendor Response/Feedback\n02-05-2016: Vendor Fix/Patch\n03-05-2016: Public Disclosure\n\nAffected Software Version:\n=============\n\n3G10WVE-L101-S306ETS-C01_R03\n\n\nExploitation-Technique:\n===================\n\nRemote\n\n\nSeverity Rating (CVSS):\n===================\n\n10.0 (Critical) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n\nDetails:\n=======\n\nBelow listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network. \n\n1) Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023\n2) Command injection vulnerability - CVE-2016-6024\n\nVulnerable module/page/application: ping.cgi\n\nVulnerable parameter: DIA_IPADDRESS\n\nProof Of Concept:\n================\n\nPoC URL: http(s)://\u003cvictim_IP\u003e/ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd\n\nPoC Video: https://www.youtube.com/watch?v=FS43MRG7RDk\n\nPatched/Fixed Firmware and notes:\n==========================\n\nftp://files.planetnetcomm.com/3G10WVE/3G10WVE-L101-S306ETS-C01_R05.bin\n\nNOTE: Verified only by Vendor\n\n\n\nCredits:\n=======\n\nBhadresh Patel\nSenior Security Analyst\nHelpAG (www.helpag.com)\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"db": "PACKETSTORM",
"id": "136901"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-83985",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39762",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "VULMON",
"id": "CVE-2015-6024"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6024",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "136901",
"trust": 3.3
},
{
"db": "EXPLOIT-DB",
"id": "39762",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-02893",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-83985",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6024",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"id": "VAR-201702-0400",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "VULHUB",
"id": "VHN-83985"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
}
]
},
"last_update_date": "2025-04-20T23:20:06.785000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
},
{
"title": "HELPNetCommWirelessHSPA3G10WVE Command Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/75436"
},
{
"title": "NetCommWireless HSPA 3G10WVE Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61449"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://packetstormsecurity.com/files/136901/netcommwireless-hspa-3g10wve-authentication-bypass-code-execution.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39762/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2016/may/13"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2016/may/18"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/538263/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/538297/100/0/threaded"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6024"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6024"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/538297/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/538263/100/0/threaded"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6023"
},
{
"trust": 0.1,
"url": "https://www.helpag.com)"
},
{
"trust": 0.1,
"url": "https://www.youtube.com/watch?v=fs43mrg7rdk"
},
{
"trust": 0.1,
"url": "https://www.helpag.com"
},
{
"trust": 0.1,
"url": "http://www.etisalat.ae/nrd/en/generic/3.5g_router.jsp"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"db": "VULHUB",
"id": "VHN-83985"
},
{
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"date": "2017-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83985"
},
{
"date": "2017-02-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"date": "2017-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"date": "2016-05-03T23:16:49",
"db": "PACKETSTORM",
"id": "136901"
},
{
"date": "2016-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"date": "2017-02-09T15:59:00.347000",
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02893"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83985"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6024"
},
{
"date": "2017-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007392"
},
{
"date": "2017-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-126"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-6024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetCommWireless HSPA 3G10WVE Wireless Router Of firmware ping.cgi Vulnerable to arbitrary command execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007392"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-126"
}
],
"trust": 0.6
}
}
VAR-201702-0312
Vulnerability from variot - Updated: 2025-04-20 23:20ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands. HELPNetCommWirelessHSPA3G10WVE is a wireless router product from HELP of the United Arab Emirates. This may lead to further attacks. NetCommWireless Wireless Router 3G10WVE-L101-S306ETS-C01_R03 is vulnerable; other versions may also be affected. Title: ====
NetCommWireless HSPA 3G10WVE Wireless Router \x96 Multiple vulnerabilities
Credit:
Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com
CVE:
CVE-2015-6023, CVE-2016-6024
Date:
03-05-2016 (dd/mm/yyyy)
Vendor:
NetComm Wireless is a leading developer and supplier of high performance communication devices that connect businesses and people to the internet.
Products and services: Wireless 3G/4G broadband devices Custom engineered technologies Broadband communication devices
Customers: Telecommunications carriers Internet Service Providers System Integrators Channel partners Enterprise customers
Product:
HSPA 3G10WVE is a wireless router
It integrates a wireless LAN, HSPA module and voice gateway into one stylish unit. Insert an active HSPA SIM Card into the slot on the rear panel & get instant access to 3G internet connection. Featuring voice port which means that one can stay connected using the internet & phone. If one need a flexible internet connection for his business or at home; this is the perfect solution.
Report-Timeline:
03-09-2015: Vendor notification 08-09-2015: Vendor Response/Feedback 02-05-2016: Vendor Fix/Patch 03-05-2016: Public Disclosure
Affected Software Version:
3G10WVE-L101-S306ETS-C01_R03
Exploitation-Technique:
Remote
Severity Rating (CVSS):
10.0 (Critical) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Details:
Below listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network.
1) Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023 2) Command injection vulnerability - CVE-2016-6024
Vulnerable module/page/application: ping.cgi
Vulnerable parameter: DIA_IPADDRESS
Proof Of Concept:
PoC URL: http(s):///ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd
PoC Video: https://www.youtube.com/watch?v=FS43MRG7RDk
Patched/Fixed Firmware and notes:
ftp://files.planetnetcomm.com/3G10WVE/3G10WVE-L101-S306ETS-C01_R05.bin
NOTE: Verified only by Vendor
Credits:
Bhadresh Patel Senior Security Analyst HelpAG (www.helpag.com)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hspa 3g10wve",
"scope": "eq",
"trust": 1.6,
"vendor": "netcommwireless",
"version": "3g10wve-l101-s306ets-c01_r03"
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": "lt",
"trust": 0.8,
"vendor": "netcomm",
"version": "3g10wve-l101-s306ets-c01_r05"
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": null,
"trust": 0.6,
"vendor": "help",
"version": null
},
{
"model": "wireless hspa 3g10wve-l101-s306ets",
"scope": null,
"trust": 0.3,
"vendor": "netcomm",
"version": null
},
{
"model": "wireless hspa 3g10wve-l101-s306ets",
"scope": "ne",
"trust": 0.3,
"vendor": "netcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:netcommwireless:hspa_3g10wve",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:hspa_3g10wve_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bhadresh Patel.",
"sources": [
{
"db": "BID",
"id": "96383"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6023",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6023",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-02892",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-83984",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6023",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6023",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6023",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-02892",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-127",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-83984",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-6023",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands. HELPNetCommWirelessHSPA3G10WVE is a wireless router product from HELP of the United Arab Emirates. This may lead to further attacks. \nNetCommWireless Wireless Router 3G10WVE-L101-S306ETS-C01_R03 is vulnerable; other versions may also be affected. Title:\n====\n\nNetCommWireless HSPA 3G10WVE Wireless Router \\x96 Multiple vulnerabilities\n\nCredit:\n======\n\nName: Bhadresh Patel\nCompany/affiliation: HelpAG\nWebsite: www.helpag.com\n\nCVE:\n=====\n\nCVE-2015-6023, CVE-2016-6024\n\nDate:\n====\n\n03-05-2016 (dd/mm/yyyy)\n\nVendor:\n======\n\nNetComm Wireless is a leading developer and supplier of high performance communication devices that connect businesses and people to the internet. \n\nProducts and services:\nWireless 3G/4G broadband devices\nCustom engineered technologies\nBroadband communication devices\n\nCustomers:\nTelecommunications carriers\nInternet Service Providers\nSystem Integrators\nChannel partners\nEnterprise customers\n\nProduct:\n=======\n\nHSPA 3G10WVE is a wireless router\n\nIt integrates a wireless LAN, HSPA module and voice gateway into one stylish unit. Insert an active HSPA SIM Card into the slot on the rear panel \u0026 get instant access to 3G internet connection. Featuring voice port which means that one can stay connected using the internet \u0026 phone. If one need a flexible internet connection for his business or at home; this is the perfect solution. \n\nReport-Timeline:\n============\n03-09-2015: Vendor notification\n08-09-2015: Vendor Response/Feedback\n02-05-2016: Vendor Fix/Patch\n03-05-2016: Public Disclosure\n\nAffected Software Version:\n=============\n\n3G10WVE-L101-S306ETS-C01_R03\n\n\nExploitation-Technique:\n===================\n\nRemote\n\n\nSeverity Rating (CVSS):\n===================\n\n10.0 (Critical) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n\nDetails:\n=======\n\nBelow listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network. \n\n1) Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023\n2) Command injection vulnerability - CVE-2016-6024\n\nVulnerable module/page/application: ping.cgi\n\nVulnerable parameter: DIA_IPADDRESS\n\nProof Of Concept:\n================\n\nPoC URL: http(s)://\u003cvictim_IP\u003e/ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd\n\nPoC Video: https://www.youtube.com/watch?v=FS43MRG7RDk\n\nPatched/Fixed Firmware and notes:\n==========================\n\nftp://files.planetnetcomm.com/3G10WVE/3G10WVE-L101-S306ETS-C01_R05.bin\n\nNOTE: Verified only by Vendor\n\n\n\nCredits:\n=======\n\nBhadresh Patel\nSenior Security Analyst\nHelpAG (www.helpag.com)\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6023"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "PACKETSTORM",
"id": "136901"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-83984",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39762",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6023",
"trust": 3.6
},
{
"db": "PACKETSTORM",
"id": "136901",
"trust": 3.3
},
{
"db": "EXPLOIT-DB",
"id": "39762",
"trust": 1.8
},
{
"db": "BID",
"id": "96383",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-02892",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-91441",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-83984",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6023",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"id": "VAR-201702-0312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
}
]
},
"last_update_date": "2025-04-20T23:20:06.742000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
},
{
"title": "HELPNetCommWirelessHSPA3G10WVE Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/75437"
},
{
"title": "NetCommWireless HSPA 3G10WVE Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61450"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://packetstormsecurity.com/files/136901/netcommwireless-hspa-3g10wve-authentication-bypass-code-execution.html"
},
{
"trust": 2.1,
"url": "http://seclists.org/fulldisclosure/2016/may/18"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39762/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2016/may/13"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/96383"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/538263/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/538297/100/0/threaded"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6023"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6023"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/538297/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/538263/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.netcommwireless.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/284.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.helpag.com)"
},
{
"trust": 0.1,
"url": "https://www.youtube.com/watch?v=fs43mrg7rdk"
},
{
"trust": 0.1,
"url": "https://www.helpag.com"
},
{
"trust": 0.1,
"url": "http://www.etisalat.ae/nrd/en/generic/3.5g_router.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6024"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"date": "2017-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83984"
},
{
"date": "2017-02-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"date": "2017-02-09T00:00:00",
"db": "BID",
"id": "96383"
},
{
"date": "2017-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"date": "2016-05-03T23:16:49",
"db": "PACKETSTORM",
"id": "136901"
},
{
"date": "2016-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"date": "2017-02-09T15:59:00.300000",
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83984"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"date": "2017-03-07T04:04:00",
"db": "BID",
"id": "96383"
},
{
"date": "2017-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"date": "2017-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetCommWireless HSPA 3G10WVE Wireless Router Of firmware ping.cgi Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
}
],
"trust": 0.6
}
}
VAR-201703-0470
Vulnerability from variot - Updated: 2025-04-20 23:13Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 router with firmware NB16WV_R0.09 allows remote authenticated users to inject arbitrary web script or HTML via the S801F0334 parameter to hdd.htm. NetCommNB16WV-02 is a router product from NetComm Australia. The NetCommNB16WV-02 has an HTML injection vulnerability that stems from a program failing to properly validate user-supplied input. When an unsuspecting user browses an affected website, an attacker can exploit the vulnerability to execute arbitrary script code in the user's browser, stealing cookie-based authentication credentials and performing other attacks. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. NetComm NB16WV-02 NB16WV_R0.09 is vulnerable; other versions may also be affected. A cross-site scripting vulnerability exists in NetComm NB16WV-02 routers using NB16WV_R0.09 firmware
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0470",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nb16wv-02",
"scope": "eq",
"trust": 2.4,
"vendor": "netcomm",
"version": "nb16wv_r0.09"
},
{
"model": "nb16wv-02 nb16wv r0.09",
"scope": null,
"trust": 0.9,
"vendor": "netcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "BID",
"id": "97161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netcommwireless:nb16wv-02_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luke Symons",
"sources": [
{
"db": "BID",
"id": "97161"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
}
],
"trust": 0.9
},
"cve": "CVE-2017-5900",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-5900",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2017-10834",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-114103",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2017-5900",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5900",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-5900",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-10834",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1258",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-114103",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "VULHUB",
"id": "VHN-114103"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 router with firmware NB16WV_R0.09 allows remote authenticated users to inject arbitrary web script or HTML via the S801F0334 parameter to hdd.htm. NetCommNB16WV-02 is a router product from NetComm Australia. The NetCommNB16WV-02 has an HTML injection vulnerability that stems from a program failing to properly validate user-supplied input. When an unsuspecting user browses an affected website, an attacker can exploit the vulnerability to execute arbitrary script code in the user\u0027s browser, stealing cookie-based authentication credentials and performing other attacks. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nNetComm NB16WV-02 NB16WV_R0.09 is vulnerable; other versions may also be affected. A cross-site scripting vulnerability exists in NetComm NB16WV-02 routers using NB16WV_R0.09 firmware",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5900"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "BID",
"id": "97161"
},
{
"db": "VULHUB",
"id": "VHN-114103"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-114103",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114103"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5900",
"trust": 3.4
},
{
"db": "BID",
"id": "97161",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1038171",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-10834",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141998",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-114103",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "VULHUB",
"id": "VHN-114103"
},
{
"db": "BID",
"id": "97161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"id": "VAR-201703-0470",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "VULHUB",
"id": "VHN-114103"
}
],
"trust": 1.45
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
}
]
},
"last_update_date": "2025-04-20T23:13:16.767000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114103"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/97161"
},
{
"trust": 2.2,
"url": "http://seclists.org/fulldisclosure/2017/mar/75"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5900"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1038171"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5900"
},
{
"trust": 0.3,
"url": "http://www.netcommwireless.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "VULHUB",
"id": "VHN-114103"
},
{
"db": "BID",
"id": "97161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"db": "VULHUB",
"id": "VHN-114103"
},
{
"db": "BID",
"id": "97161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"date": "2017-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-114103"
},
{
"date": "2017-03-27T00:00:00",
"db": "BID",
"id": "97161"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"date": "2017-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"date": "2017-03-29T14:59:00.423000",
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-10834"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-114103"
},
{
"date": "2017-03-29T00:02:00",
"db": "BID",
"id": "97161"
},
{
"date": "2017-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002754"
},
{
"date": "2017-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1258"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-5900"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm NB16WV-02 Router firmware cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002754"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1258"
}
],
"trust": 0.6
}
}
VAR-201410-0378
Vulnerability from variot - Updated: 2025-04-13 23:14Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter. NetComm Wireless Provided by NB604N Is Wireless -> Security page (wlsecurity.html) Variables that are not sanitized wlWpaPsk Value of Javascript variable wpaPskKey Stored cross-site scripting vulnerability (CWE-79) Exists. The NetCommWireless NB604N is a router device. Sensitive information or hijacking user sessions. NetCommWireless NB604N is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. NetCommWireless NB604N GAN5.CZ56T-B-NC.AU-R4B010.EN is vulnerable; other versions may also be affected. NetComm Wireless NB604N Routers is a wireless router product of Australia NetComm Wireless company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201410-0378",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nb604n",
"scope": "lte",
"trust": 1.0,
"vendor": "netcommwireless",
"version": "gan5.cz56t-b-nc.au-r4b010.en"
},
{
"model": "nb604n",
"scope": "eq",
"trust": 1.0,
"vendor": "netcommwireless",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": "nb604n",
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": "nb604n",
"scope": "eq",
"trust": 0.8,
"vendor": "netcomm",
"version": "gan5.cz56t-b-nc.au-r4b010.en"
},
{
"model": "wireless limited. netcommwireless nb604n gan5.cz56t-b-nc.au-r4b010.en",
"scope": null,
"trust": 0.6,
"vendor": "netcomm",
"version": null
},
{
"model": "nb604n",
"scope": "eq",
"trust": 0.6,
"vendor": "netcommwireless",
"version": "gan5.cz56t-b-nc.au-r4b010.en"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#941108"
},
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:netcommwireless:nb604n",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:nb604n_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Katie Duczmal",
"sources": [
{
"db": "BID",
"id": "70253"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-4871",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 2.3,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 6.8,
"id": "CVE-2014-4871",
"impactScore": 2.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "NOT DEFINED",
"severity": "LOW",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2014-004570",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2014-06598",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-72812",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-4871",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-4871",
"trust": 0.8,
"value": "LOW"
},
{
"author": "IPA",
"id": "JVNDB-2014-004570",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2014-06598",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-133",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-72812",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#941108"
},
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "VULHUB",
"id": "VHN-72812"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter. NetComm Wireless Provided by NB604N Is Wireless -\u003e Security page (wlsecurity.html) Variables that are not sanitized wlWpaPsk Value of Javascript variable wpaPskKey Stored cross-site scripting vulnerability (CWE-79) Exists. The NetCommWireless NB604N is a router device. Sensitive information or hijacking user sessions. NetCommWireless NB604N is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nNetCommWireless NB604N GAN5.CZ56T-B-NC.AU-R4B010.EN is vulnerable; other versions may also be affected. NetComm Wireless NB604N Routers is a wireless router product of Australia NetComm Wireless company",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4871"
},
{
"db": "CERT/CC",
"id": "VU#941108"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "BID",
"id": "70253"
},
{
"db": "VULHUB",
"id": "VHN-72812"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/941108",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#941108"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#941108",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2014-4871",
"trust": 3.4
},
{
"db": "BID",
"id": "70253",
"trust": 2.0
},
{
"db": "JVN",
"id": "JVNVU93498805",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201410-133",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-06598",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-72812",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#941108"
},
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "VULHUB",
"id": "VHN-72812"
},
{
"db": "BID",
"id": "70253"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"id": "VAR-201410-0378",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "VULHUB",
"id": "VHN-72812"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06598"
}
]
},
"last_update_date": "2025-04-13T23:14:42.536000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Support - ADSL2+ Wireless N300 Modem Router - NB604N",
"trust": 0.8,
"url": "http://support.netcommwireless.com/product/adsl/nb604n"
},
{
"title": "\\302\\240\\302\\240\\302\\240\\302\\240\\302\\240NetCommWireless NB604N ADSL2+ Router \u0027wlsecurity.html\u0027 patch for HTML injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/50765"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-72812"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/941108"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70253"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.8,
"url": "http://support.netcommwireless.com/product/adsl/nb604n"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4871"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93498805/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4871"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#941108"
},
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "VULHUB",
"id": "VHN-72812"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#941108"
},
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "VULHUB",
"id": "VHN-72812"
},
{
"db": "BID",
"id": "70253"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-06T00:00:00",
"db": "CERT/CC",
"id": "VU#941108"
},
{
"date": "2014-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"date": "2014-10-07T00:00:00",
"db": "VULHUB",
"id": "VHN-72812"
},
{
"date": "2014-10-06T00:00:00",
"db": "BID",
"id": "70253"
},
{
"date": "2014-10-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"date": "2014-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"date": "2014-10-07T10:55:04.433000",
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-06T00:00:00",
"db": "CERT/CC",
"id": "VU#941108"
},
{
"date": "2014-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"date": "2015-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-72812"
},
{
"date": "2014-10-06T00:00:00",
"db": "BID",
"id": "70253"
},
{
"date": "2014-10-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004570"
},
{
"date": "2014-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-133"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-4871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetCommWireless NB604N ADSL2+ Router \u0027wlsecurity.html\u0027 HTML Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06598"
},
{
"db": "BID",
"id": "70253"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-133"
}
],
"trust": 0.6
}
}
VAR-201808-0374
Vulnerability from variot - Updated: 2025-01-30 22:19NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication. A device directory leak vulnerability exists in NetCommNWL-25 using firmware 2.0.29.11 and earlier, which an attacker could use to obtain a directory of devices. Multiple information disclosure Vulnerabilities. 2. An cross-site request forgery vulnerability. 3. An cross-site scripting vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0374",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nwl-25",
"scope": "lte",
"trust": 1.0,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless g lte light industrial m2m router",
"scope": "lte",
"trust": 0.8,
"vendor": "netcomm",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "lte",
"trust": 0.6,
"vendor": "netcomm",
"version": "\u003c=2.0.29.11"
},
{
"model": "nwl-25",
"scope": "eq",
"trust": 0.6,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "eq",
"trust": 0.3,
"vendor": "netcomm",
"version": "2.0.29.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netcommwireless:nwl-25_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aditya K. Sood",
"sources": [
{
"db": "BID",
"id": "105053"
}
],
"trust": 0.3
},
"cve": "CVE-2018-14785",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-14785",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-10269",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-124979",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-14785",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-14785",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-14785",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-10269",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-282",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-124979",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "VULHUB",
"id": "VHN-124979"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication. A device directory leak vulnerability exists in NetCommNWL-25 using firmware 2.0.29.11 and earlier, which an attacker could use to obtain a directory of devices. Multiple information disclosure Vulnerabilities. \n2. An cross-site request forgery vulnerability. \n3. An cross-site scripting vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14785"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "VULHUB",
"id": "VHN-124979"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14785",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-221-02",
"trust": 2.8
},
{
"db": "BID",
"id": "105053",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-10269",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-124979",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "VULHUB",
"id": "VHN-124979"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"id": "VAR-201808-0374",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "VULHUB",
"id": "VHN-124979"
}
],
"trust": 1.4948052
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10269"
}
]
},
"last_update_date": "2025-01-30T22:19:07.846000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.netcommwireless.com/"
},
{
"title": "Patch for NetCommNWL-25 Device Directory Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/158877"
},
{
"title": "NetComm Wireless G LTE Light Industrial M2M Router(NWL-25) Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83908"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-548",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124979"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-221-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105053"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14785"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14785"
},
{
"trust": 0.3,
"url": "https://www.netcommwireless.com/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "VULHUB",
"id": "VHN-124979"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"db": "VULHUB",
"id": "VHN-124979"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"date": "2018-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-124979"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"date": "2018-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"date": "2018-08-10T19:29:00.867000",
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10269"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-124979"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008972"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-282"
},
{
"date": "2024-11-21T03:49:47.287000",
"db": "NVD",
"id": "CVE-2018-14785"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008972"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-282"
}
],
"trust": 0.6
}
}
VAR-201808-0372
Vulnerability from variot - Updated: 2025-01-30 21:09NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely. NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple information disclosure Vulnerabilities. 2. 3. An cross-site scripting vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0372",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nwl-25",
"scope": "lte",
"trust": 1.0,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless g lte light industrial m2m router",
"scope": "lte",
"trust": 0.8,
"vendor": "netcomm",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "lte",
"trust": 0.6,
"vendor": "netcomm",
"version": "\u003c=2.0.29.11"
},
{
"model": "nwl-25",
"scope": "eq",
"trust": 0.6,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "eq",
"trust": 0.3,
"vendor": "netcomm",
"version": "2.0.29.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netcommwireless:nwl-25_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aditya K. Sood",
"sources": [
{
"db": "BID",
"id": "105053"
}
],
"trust": 0.3
},
"cve": "CVE-2018-14783",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-14783",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-10271",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-124977",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-14783",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-14783",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-14783",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-10271",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-284",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-124977",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "VULHUB",
"id": "VHN-124977"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely. NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple information disclosure Vulnerabilities. \n2. \n3. An cross-site scripting vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14783"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "VULHUB",
"id": "VHN-124977"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14783",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-221-02",
"trust": 2.8
},
{
"db": "BID",
"id": "105053",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-10271",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-124977",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "VULHUB",
"id": "VHN-124977"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"id": "VAR-201808-0372",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "VULHUB",
"id": "VHN-124977"
}
],
"trust": 1.4948052
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10271"
}
]
},
"last_update_date": "2025-01-30T21:09:01.589000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.netcommwireless.com/"
},
{
"title": "Patch for NetCommNWL-25 Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/158873"
},
{
"title": "NetComm Wireless G LTE Light Industrial M2M Router(NWL-25) Cross-site request forgery vulnerability Repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83910"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124977"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-221-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105053"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14783"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14783"
},
{
"trust": 0.3,
"url": "https://www.netcommwireless.com/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "VULHUB",
"id": "VHN-124977"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"db": "VULHUB",
"id": "VHN-124977"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"date": "2018-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-124977"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"date": "2018-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"date": "2018-08-10T19:29:00.600000",
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10271"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-124977"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008974"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-284"
},
{
"date": "2024-11-21T03:49:47.010000",
"db": "NVD",
"id": "CVE-2018-14783"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008974"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-284"
}
],
"trust": 0.6
}
}
VAR-201808-0373
Vulnerability from variot - Updated: 2025-01-30 20:54NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device. Multiple information disclosure Vulnerabilities. 2. An cross-site request forgery vulnerability. 3. An cross-site scripting vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0373",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nwl-25",
"scope": "lte",
"trust": 1.0,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless g lte light industrial m2m router",
"scope": "lte",
"trust": 0.8,
"vendor": "netcomm",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "lte",
"trust": 0.6,
"vendor": "netcomm",
"version": "\u003c=2.0.29.11"
},
{
"model": "nwl-25",
"scope": "eq",
"trust": 0.6,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "eq",
"trust": 0.3,
"vendor": "netcomm",
"version": "2.0.29.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netcommwireless:nwl-25_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aditya K. Sood",
"sources": [
{
"db": "BID",
"id": "105053"
}
],
"trust": 0.3
},
"cve": "CVE-2018-14784",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-14784",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-10268",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-124978",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-14784",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-14784",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-14784",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-10268",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-283",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-124978",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "VULHUB",
"id": "VHN-124978"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device. Multiple information disclosure Vulnerabilities. \n2. An cross-site request forgery vulnerability. \n3. An cross-site scripting vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14784"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "VULHUB",
"id": "VHN-124978"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14784",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-221-02",
"trust": 2.8
},
{
"db": "BID",
"id": "105053",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-10268",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-124978",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "VULHUB",
"id": "VHN-124978"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"id": "VAR-201808-0373",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "VULHUB",
"id": "VHN-124978"
}
],
"trust": 1.4948052
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10268"
}
]
},
"last_update_date": "2025-01-30T20:54:07.873000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.netcommwireless.com/"
},
{
"title": "Patch for NetCommNWL-25 Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/158879"
},
{
"title": "NetComm Wireless G LTE Light Industrial M2M Router(NWL-25) Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83909"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124978"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-221-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105053"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14784"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14784"
},
{
"trust": 0.3,
"url": "https://www.netcommwireless.com/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "VULHUB",
"id": "VHN-124978"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"db": "VULHUB",
"id": "VHN-124978"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"date": "2018-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-124978"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"date": "2018-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"date": "2018-08-10T19:29:00.727000",
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10268"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-124978"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008973"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-283"
},
{
"date": "2024-11-21T03:49:47.150000",
"db": "NVD",
"id": "CVE-2018-14784"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008973"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-283"
}
],
"trust": 0.6
}
}
VAR-201808-0371
Vulnerability from variot - Updated: 2025-01-30 19:43NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user. An information disclosure vulnerability exists in NetCommNWL-25 using firmware version 2.0.29.11 and earlier, which could allow an attacker to gain access to a configuration file without authentication. Multiple information disclosure Vulnerabilities. 2. An cross-site request forgery vulnerability. 3. An cross-site scripting vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0371",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nwl-25",
"scope": "lte",
"trust": 1.0,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless g lte light industrial m2m router",
"scope": "lte",
"trust": 0.8,
"vendor": "netcomm",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "lte",
"trust": 0.6,
"vendor": "netcomm",
"version": "\u003c=2.0.29.11"
},
{
"model": "nwl-25",
"scope": "eq",
"trust": 0.6,
"vendor": "netcommwireless",
"version": "2.0.29.11"
},
{
"model": "wireless 4g lte light industrial m2m router",
"scope": "eq",
"trust": 0.3,
"vendor": "netcomm",
"version": "2.0.29.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netcommwireless:nwl-25_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aditya K. Sood",
"sources": [
{
"db": "BID",
"id": "105053"
}
],
"trust": 0.3
},
"cve": "CVE-2018-14782",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-14782",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-10270",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-124976",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-14782",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-14782",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-14782",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-14782",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-10270",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-285",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-124976",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "VULHUB",
"id": "VHN-124976"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user. An information disclosure vulnerability exists in NetCommNWL-25 using firmware version 2.0.29.11 and earlier, which could allow an attacker to gain access to a configuration file without authentication. Multiple information disclosure Vulnerabilities. \n2. An cross-site request forgery vulnerability. \n3. An cross-site scripting vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and gain access to sensitive information. Failed exploit attempts will likely result in denial of service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14782"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "VULHUB",
"id": "VHN-124976"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14782",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-221-02",
"trust": 2.8
},
{
"db": "BID",
"id": "105053",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-10270",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-124976",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "VULHUB",
"id": "VHN-124976"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"id": "VAR-201808-0371",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "VULHUB",
"id": "VHN-124976"
}
],
"trust": 1.4948052
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10270"
}
]
},
"last_update_date": "2025-01-30T19:43:39.481000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.netcommwireless.com/"
},
{
"title": "Patch for NetCommNWL-25 Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/158875"
},
{
"title": "NetComm Wireless G LTE Light Industrial M2M Router(NWL-25) Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83911"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
},
{
"problemtype": "CWE-200",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124976"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-221-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105053"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14782"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14782"
},
{
"trust": 0.3,
"url": "https://www.netcommwireless.com/"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "VULHUB",
"id": "VHN-124976"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"db": "VULHUB",
"id": "VHN-124976"
},
{
"db": "BID",
"id": "105053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"date": "2018-08-10T00:00:00",
"db": "VULHUB",
"id": "VHN-124976"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"date": "2018-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"date": "2018-08-10T19:29:00.490000",
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10270"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-124976"
},
{
"date": "2018-08-09T00:00:00",
"db": "BID",
"id": "105053"
},
{
"date": "2018-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008975"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-285"
},
{
"date": "2024-11-21T03:49:46.880000",
"db": "NVD",
"id": "CVE-2018-14782"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetComm Wireless G LTE Light Industrial M2M Router Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008975"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-285"
}
],
"trust": 0.6
}
}
VAR-201911-1540
Vulnerability from variot - Updated: 2024-11-23 22:25Technicolor C2000T and C2100T uses hard-coded cryptographic keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehböck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-1540",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c2100t",
"scope": "eq",
"trust": 2.2,
"vendor": "technicolor",
"version": null
},
{
"model": "c2000t",
"scope": "eq",
"trust": 2.2,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unify",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "c1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "fr1000z",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-24",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "gs1900-8",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1100-nh",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1121-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ac",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "nwa1123-ni",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-660hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p-663hn-51",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "p8702n",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "pmg5318-b20a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "q1000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3300-nb00",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "sbg3500-n000",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg1312-b30b",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg4380-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8324-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b10a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vmg8924-b30a",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "vsg1435-b101",
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:zyxel:c1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:fr1000z_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:gs1900-8_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1100-nh_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1121-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ac_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:nwa1123-ni_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-660hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p-663hn-51_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:p8702n_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:q1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3300-nb00_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:sbg3500-n000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg1312-b30b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg4380-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8324-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b10a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vmg8924-b30a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:zyxel:vsg1435-b101_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"cve": "CVE-2015-7276",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7276",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-7276",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-7276",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7276",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7276",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-301",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Technicolor C2000T and C2100T uses hard-coded cryptographic keys. Many embedded devices are not unique X.509 Certificate and SSH Spoofing and intermediary because host key is used (man-in-the-middle) There is a possibility of being attacked and attacks such as decryption of communication contents. The encryption key is hard-coded (CWE-321) SEC Consult of Stefan Viehb\u0026#246;ck According to the survey, many embedded devices are not unique X.509 Certificate and SSH It is said that it is accessible from the Internet using a host key. A hard-coded key in a firmware image or a repository stored by scanning the Internet scans.io ( In particular SSH And the result of SSL Certificate ) A device that uses a certificate whose fingerprint matches the data of can be determined to be vulnerable. Affected devices include household routers and IP From the camera VoIP Wide range of products. CWE-321: Use of Hard-coded Cryptographic Key http://cwe.mitre.org/data/definitions/321.html scans.io https://scans.io/ SSH Result of https://scans.io/series/ssh-rsa-full-ipv4 SSL Certificate https://scans.io/study/sonar.ssl In many vulnerable devices, certificate and key reuse is limited to a limited product line by a specific developer, but there are several examples where multiple developers use the same certificate or key. Or exist. These are common SDK Firmware developed using, or ISP Provided by OEM The root cause is the use of device firmware. Vulnerable equipment is impersonation and intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. Perhaps the attacker can obtain authentication information and other sensitive information and use it for further attacks. Survey results and certificates SSH For more information on systems affected by host key issues, see SEC Consult See the blog post. Certificate https://www.sec-consult.com/download/certificates.html SSH Host key https://www.sec-consult.com/download/ssh_host_keys.html SEC Consult http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.htmlA remote attacker impersonates a user or intermediary (man-in-the-middle) There is a possibility of being attacked or deciphering the communication contents. As a result, confidential information may be leaked",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7276"
},
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2015-7276",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU96100360",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-301",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"id": "VAR-201911-1540",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5497076
},
"last_update_date": "2024-11-23T22:25:43.507000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Zyxel to Fix SSH Private Key and Certificate Vulnerability (CVE-2015-7256)",
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/566724"
},
{
"trust": 1.6,
"url": "http://blog.sec-consult.com/2015/11/house-of-keys-industry-wide-https.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7276"
},
{
"trust": 1.0,
"url": "https://sec-consult.com/en/blog/2015/11/house-of-keys-industry-wide-https/"
},
{
"trust": 0.8,
"url": "http://blog.sec-consult.com/2016/09/house-of-keys-9-months-later-40-worse.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/certificates.html"
},
{
"trust": 0.8,
"url": "https://www.sec-consult.com/download/ssh_host_keys.html"
},
{
"trust": 0.8,
"url": "https://scans.io/"
},
{
"trust": 0.8,
"url": "https://scans.io/series/ssh-rsa-full-ipv4"
},
{
"trust": 0.8,
"url": "https://scans.io/study/sonar.ssl"
},
{
"trust": 0.8,
"url": "https://censys.io"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6358"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7255"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7256"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7276"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8251"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96100360/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7256"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6358"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7255"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8251"
},
{
"trust": 0.6,
"url": "https/"
},
{
"trust": 0.6,
"url": "https://sec-consult.com/en/blog/2015/11/house-of-keys-industry-wide-"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#566724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-25T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2016-02-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2019-11-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"date": "2019-11-06T16:15:10.447000",
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-06T00:00:00",
"db": "CERT/CC",
"id": "VU#566724"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006907"
},
{
"date": "2019-11-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-301"
},
{
"date": "2024-11-21T02:36:29.163000",
"db": "NVD",
"id": "CVE-2015-7276"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded devices use non-unique X.509 certificates and SSH host keys",
"sources": [
{
"db": "CERT/CC",
"id": "VU#566724"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-301"
}
],
"trust": 0.6
}
}
VAR-201210-0629
Vulnerability from variot - Updated: 2022-05-17 22:47BigPond Wireless Broadband Gateway has an undocumented account \"Monitor\" with a default password of \"bigpond1\", which allows an attacker to exploit the vulnerability to gain access to the web server. The BigPond Wireless Broadband Gateway is a wireless broadband gateway. BigPond Wireless Broadband Gateway \"ping.cgi\" script has an input validation error. Allows an attacker to submit a specially crafted HTTP GET request to inject any SHELL command. Exploiting these issues could allow a remote attacker to bypass authentication or execute arbitrary commands in the context of the affected device. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: BigPond Wireless Broadband Gateway 3G21WB Undocumented Account and Command Injection
SECUNIA ADVISORY ID: SA50951
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50951/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50951
RELEASE DATE: 2012-10-12
DISCUSS ADVISORY: http://secunia.com/advisories/50951/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50951/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50951
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Roberto Paleari has reported two security issues in BigPond Wireless Broadband Gateway 3G21WB, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable device.
SOLUTION: No official solution is currently available.
PROVIDED AND/OR DISCOVERED BY: Roberto Paleari
ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2012-10/0072.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0629",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bigpond wireless broadband gateway 3g21wb",
"scope": null,
"trust": 1.2,
"vendor": "netcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roberto Paleari",
"sources": [
{
"db": "BID",
"id": "55907"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
],
"trust": 0.9
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BigPond Wireless Broadband Gateway has an undocumented account \\\"Monitor\\\" with a default password of \\\"bigpond1\\\", which allows an attacker to exploit the vulnerability to gain access to the web server. The BigPond Wireless Broadband Gateway is a wireless broadband gateway. BigPond Wireless Broadband Gateway \\\"ping.cgi\\\" script has an input validation error. Allows an attacker to submit a specially crafted HTTP GET request to inject any SHELL command. \nExploiting these issues could allow a remote attacker to bypass authentication or execute arbitrary commands in the context of the affected device. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nBigPond Wireless Broadband Gateway 3G21WB Undocumented Account and\nCommand Injection\n\nSECUNIA ADVISORY ID:\nSA50951\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50951/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50951\n\nRELEASE DATE:\n2012-10-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50951/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50951/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50951\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRoberto Paleari has reported two security issues in BigPond Wireless\nBroadband Gateway 3G21WB, which can be exploited by malicious people\nto bypass certain security restrictions and compromise a vulnerable\ndevice. \n\nSOLUTION:\nNo official solution is currently available. \n\nPROVIDED AND/OR DISCOVERED BY:\nRoberto Paleari\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2012-10/0072.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
},
{
"db": "BID",
"id": "55907"
},
{
"db": "PACKETSTORM",
"id": "117340"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "55907",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "50951",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2012-5783",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-5782",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201210-431",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "117340",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
},
{
"db": "BID",
"id": "55907"
},
{
"db": "PACKETSTORM",
"id": "117340"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
]
},
"id": "VAR-201210-0629",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
}
],
"trust": 2.2
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
}
]
},
"last_update_date": "2022-05-17T22:47:47.872000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://secunia.com/advisories/50951/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55907"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50951/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50951"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0072.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50951/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
},
{
"db": "PACKETSTORM",
"id": "117340"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"db": "CNVD",
"id": "CNVD-2012-5782"
},
{
"db": "BID",
"id": "55907"
},
{
"db": "PACKETSTORM",
"id": "117340"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"date": "2012-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5782"
},
{
"date": "2012-10-12T00:00:00",
"db": "BID",
"id": "55907"
},
{
"date": "2012-10-12T03:38:20",
"db": "PACKETSTORM",
"id": "117340"
},
{
"date": "2012-10-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5783"
},
{
"date": "2012-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5782"
},
{
"date": "2012-10-12T00:00:00",
"db": "BID",
"id": "55907"
},
{
"date": "2012-10-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-431"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BigPond Wireless Broadband Gateway Built-in Account Permission Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5783"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "55907"
}
],
"trust": 0.3
}
}