VAR-201407-0712
Vulnerability from variot - Updated: 2022-05-17 01:51MTS MBlaze Ultra Wi-Fi ZTE AC3633 is a wireless modem. MTS MBlaze Ultra Wi-Fi ZTE AC3633 has a cross-site request forgery vulnerability, a security bypass vulnerability, an authentication bypass vulnerability, and an information disclosure vulnerability. A remote attacker could use these vulnerabilities to perform administrator actions, obtain sensitive information, bypass certain security restrictions, or gain access to affected devices. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0712",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mblaze ultra wi-fi zte ac3633",
"scope": null,
"trust": 0.6,
"vendor": "mts",
"version": null
},
{
"model": "mblaze ultra 3g plus wi-fi dongle",
"scope": "eq",
"trust": 0.3,
"vendor": "mts",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"db": "BID",
"id": "68806"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ajin Abraham",
"sources": [
{
"db": "BID",
"id": "68806"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-04553",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2014-04553",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MTS MBlaze Ultra Wi-Fi ZTE AC3633 is a wireless modem. \nMTS MBlaze Ultra Wi-Fi ZTE AC3633 has a cross-site request forgery vulnerability, a security bypass vulnerability, an authentication bypass vulnerability, and an information disclosure vulnerability. A remote attacker could use these vulnerabilities to perform administrator actions, obtain sensitive information, bypass certain security restrictions, or gain access to affected devices. Other attacks are also possible",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
},
{
"db": "BID",
"id": "68806"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "68806",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2014-04553",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"db": "BID",
"id": "68806"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
]
},
"id": "VAR-201407-0712",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
}
]
},
"last_update_date": "2022-05-17T01:51:09.782000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/68806"
},
{
"trust": 0.3,
"url": "http://opensecurity.in/mts-mblaze-ultra-wi-fi-zte-ac3633-exploit/"
},
{
"trust": 0.3,
"url": "http://www.thinkofus.in/index.php?route=product/product\u0026product_id=209"
},
{
"trust": 0.3,
"url": "https://github.com/ajinabraham/poc/blob/master/mts%20mblaze%20ultra%20wi-fi_zte%20ac3633%20exploit.py"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"db": "BID",
"id": "68806"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"db": "BID",
"id": "68806"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"date": "2014-07-21T00:00:00",
"db": "BID",
"id": "68806"
},
{
"date": "2014-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04553"
},
{
"date": "2014-07-21T00:00:00",
"db": "BID",
"id": "68806"
},
{
"date": "2014-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MTS MBlaze Ultra Wi-Fi ZTE AC3633 Multiple Security Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "68806"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-538"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "68806"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…