VAR-200410-0149
Vulnerability from variot - Updated: 2022-05-17 02:083Com OfficeConnect ADSL Wireless 11g Firewall Router is affected by an authentication bypass vulnerability; This issue is due to a failure of the device to properly validate an authenticated administrator. An attacker could leverage this issue to gain administrative access to the affective device facilitating disclosure of administrator passwords, WEP encryption keys, configuration manipulation and denial of service. It should be noted that this issue was originally reported in vulnerability report '3Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities' (BID 11422). It has been assigned its own BID as more information has been made available.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200410-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.24"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.23"
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "eq",
"trust": 0.3,
"vendor": "3com",
"version": "1.13"
},
{
"model": "3crwe754g72-a wireless connectivity devices",
"scope": null,
"trust": 0.3,
"vendor": "3com",
"version": null
},
{
"model": "officeconnect adsl wireless 11g firewall router",
"scope": "ne",
"trust": 0.3,
"vendor": "3com",
"version": "1.27"
}
],
"sources": [
{
"db": "BID",
"id": "11438"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this issue is credited to Cyrille Barthelemy \u003ccb-lse@ifrance.com\u003e.",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router is affected by an authentication bypass vulnerability; This issue is due to a failure of the device to properly validate an authenticated administrator.\nAn attacker could leverage this issue to gain administrative access to the affective device facilitating disclosure of administrator passwords, WEP encryption keys, configuration manipulation and denial of service.\nIt should be noted that this issue was originally reported in vulnerability report \u00273Com OfficeConnect ADSL Wireless 11g Firewall Router Multiple Unspecified Vulnerabilities\u0027 (BID 11422). It has been assigned its own BID as more information has been made available.",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11438",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "11438"
}
]
},
"id": "VAR-200410-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6666667
},
"last_update_date": "2022-05-17T02:08:43.703000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/result.jsp?selected=6\u0026sort=effdt\u0026sku=3crwe754g72-a\u0026order=desc"
},
{
"trust": 0.3,
"url": "http://www.3com.com/products/en_us/detail.jsp?tab=features\u0026pathtype=purchase\u0026sku=3crwe754g72-a"
}
],
"sources": [
{
"db": "BID",
"id": "11438"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "11438"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11438"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11438"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "11438"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…