VAR-201412-0663
Vulnerability from variot - Updated: 2022-05-17 01:47The Prolink PRN2001 Router is a router device. The Prolink PRN2001 Router has multiple security vulnerabilities, allowing attackers to create administrator privileges, upgrade device firmware, upload and download configuration files, enhance privileges, and obtain sensitive information. Fida International Prolink PRN2001 is a wireless router product from Singapore Fida International. There is a security vulnerability in Fida International Prolink PRN2001 Router. An attacker could use this vulnerability to execute arbitrary HTML or JavaScript code in the context of the affected site, steal cookie-based authentication or control the way the site is presented to the user, crash the application, bypass security restrictions, and gain access to sensitive information . Vulnerabilities exist in the PRN2001 Router using version 1.2 firmware, other versions may also be affected. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0663",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prn2001 router",
"scope": null,
"trust": 0.6,
"vendor": "prolink",
"version": null
},
{
"model": "prn2001",
"scope": "eq",
"trust": 0.3,
"vendor": "prolink",
"version": "1.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"db": "BID",
"id": "71427"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Herman Groeneveld",
"sources": [
{
"db": "BID",
"id": "71427"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-08743",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2014-08743",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Prolink PRN2001 Router is a router device. The Prolink PRN2001 Router has multiple security vulnerabilities, allowing attackers to create administrator privileges, upgrade device firmware, upload and download configuration files, enhance privileges, and obtain sensitive information. Fida International Prolink PRN2001 is a wireless router product from Singapore Fida International. \nThere is a security vulnerability in Fida International Prolink PRN2001 Router. An attacker could use this vulnerability to execute arbitrary HTML or JavaScript code in the context of the affected site, steal cookie-based authentication or control the way the site is presented to the user, crash the application, bypass security restrictions, and gain access to sensitive information . Vulnerabilities exist in the PRN2001 Router using version 1.2 firmware, other versions may also be affected. Other attacks are also possible",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-071"
},
{
"db": "BID",
"id": "71427"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "71427",
"trust": 1.5
},
{
"db": "EXPLOIT-DB",
"id": "35419",
"trust": 0.6
},
{
"db": "EXPLOITDB",
"id": "35419",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2014-08743",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201412-071",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"db": "BID",
"id": "71427"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
]
},
"id": "VAR-201412-0663",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
}
]
},
"last_update_date": "2022-05-17T01:47:58.334000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/71427"
},
{
"trust": 0.6,
"url": "http://www.exploit-db.com/exploits/35419/"
},
{
"trust": 0.3,
"url": "http://www.prolink2u.com/new/products/index.php?cid=375"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"db": "BID",
"id": "71427"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"db": "BID",
"id": "71427"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"date": "2014-12-01T00:00:00",
"db": "BID",
"id": "71427"
},
{
"date": "2014-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08743"
},
{
"date": "2014-12-01T00:00:00",
"db": "BID",
"id": "71427"
},
{
"date": "2014-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-071"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in Prolink PRN2001 Router",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08743"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "71427"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…