VAR-190001-0476
Vulnerability from variot - Updated: 2022-05-17 02:03Dlink DPH is an IP telephony solution. A security vulnerability exists in the web management interface of Dlink DPH 150SE, which allows unauthenticated users to obtain profile information including the administrator password. Dlink DPH IP phones are prone to multiple remote vulnerabilities. The following devices are affected: Dlink DPH 150SE Dlink DPH 150E Dlink DPH 150F1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-190001-0476",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dph 150e",
"scope": null,
"trust": 2.7,
"vendor": "dlink",
"version": null
},
{
"model": "dph 150f1",
"scope": null,
"trust": 2.7,
"vendor": "dlink",
"version": null
},
{
"model": "dph 150se",
"scope": null,
"trust": 2.7,
"vendor": "dlink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"db": "BID",
"id": "48894"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Zaitsev, Gleb Gritsai and Yuri Goltsev, Positive Research Lab",
"sources": [
{
"db": "BID",
"id": "48894"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
],
"trust": 0.9
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dlink DPH is an IP telephony solution. A security vulnerability exists in the web management interface of Dlink DPH 150SE, which allows unauthenticated users to obtain profile information including the administrator password. Dlink DPH IP phones are prone to multiple remote vulnerabilities. \nThe following devices are affected:\nDlink DPH 150SE\nDlink DPH 150E\nDlink DPH 150F1",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"db": "BID",
"id": "48894"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48894",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2011-2878",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-2874",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-2875",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-2876",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201107-404",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"db": "BID",
"id": "48894"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
]
},
"id": "VAR-190001-0476",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
}
],
"trust": 3.3
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
}
]
},
"last_update_date": "2022-05-17T02:03:06.942000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Dlink DPH 150SE/E/F1 IP Phones Device Restart Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4549"
},
{
"title": "Dlink DPH 150SE/E/F1 IP Phones Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4553"
},
{
"title": "Dlink DPH 150SE/E/F1 IP Phones File Upload Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4552"
},
{
"title": "Dlink DPH 150SE/E/F1 IP Phones message modification vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4550"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/archive/1/518998"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/48894"
},
{
"trust": 0.3,
"url": "http://www.dlink.ru/ru/products/8/1352.html"
},
{
"trust": 0.3,
"url": "/archive/1/518998"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"db": "BID",
"id": "48894"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"db": "BID",
"id": "48894"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"date": "2011-07-26T00:00:00",
"db": "BID",
"id": "48894"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2878"
},
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2874"
},
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2875"
},
{
"date": "2011-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2876"
},
{
"date": "2011-07-26T00:00:00",
"db": "BID",
"id": "48894"
},
{
"date": "2011-07-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dlink DPH 150SE/E/F1 IP Phones Device Restart Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2878"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-404"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…