VAR-201702-0312
Vulnerability from variot - Updated: 2025-04-20 23:20ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands. HELPNetCommWirelessHSPA3G10WVE is a wireless router product from HELP of the United Arab Emirates. This may lead to further attacks. NetCommWireless Wireless Router 3G10WVE-L101-S306ETS-C01_R03 is vulnerable; other versions may also be affected. Title: ====
NetCommWireless HSPA 3G10WVE Wireless Router \x96 Multiple vulnerabilities
Credit:
Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com
CVE:
CVE-2015-6023, CVE-2016-6024
Date:
03-05-2016 (dd/mm/yyyy)
Vendor:
NetComm Wireless is a leading developer and supplier of high performance communication devices that connect businesses and people to the internet.
Products and services: Wireless 3G/4G broadband devices Custom engineered technologies Broadband communication devices
Customers: Telecommunications carriers Internet Service Providers System Integrators Channel partners Enterprise customers
Product:
HSPA 3G10WVE is a wireless router
It integrates a wireless LAN, HSPA module and voice gateway into one stylish unit. Insert an active HSPA SIM Card into the slot on the rear panel & get instant access to 3G internet connection. Featuring voice port which means that one can stay connected using the internet & phone. If one need a flexible internet connection for his business or at home; this is the perfect solution.
Report-Timeline:
03-09-2015: Vendor notification 08-09-2015: Vendor Response/Feedback 02-05-2016: Vendor Fix/Patch 03-05-2016: Public Disclosure
Affected Software Version:
3G10WVE-L101-S306ETS-C01_R03
Exploitation-Technique:
Remote
Severity Rating (CVSS):
10.0 (Critical) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Details:
Below listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network.
1) Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023 2) Command injection vulnerability - CVE-2016-6024
Vulnerable module/page/application: ping.cgi
Vulnerable parameter: DIA_IPADDRESS
Proof Of Concept:
PoC URL: http(s):///ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd
PoC Video: https://www.youtube.com/watch?v=FS43MRG7RDk
Patched/Fixed Firmware and notes:
ftp://files.planetnetcomm.com/3G10WVE/3G10WVE-L101-S306ETS-C01_R05.bin
NOTE: Verified only by Vendor
Credits:
Bhadresh Patel Senior Security Analyst HelpAG (www.helpag.com)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hspa 3g10wve",
"scope": "eq",
"trust": 1.6,
"vendor": "netcommwireless",
"version": "3g10wve-l101-s306ets-c01_r03"
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": null,
"trust": 0.8,
"vendor": "netcomm",
"version": null
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": "lt",
"trust": 0.8,
"vendor": "netcomm",
"version": "3g10wve-l101-s306ets-c01_r05"
},
{
"model": "netcommwireless hspa 3g10wve",
"scope": null,
"trust": 0.6,
"vendor": "help",
"version": null
},
{
"model": "wireless hspa 3g10wve-l101-s306ets",
"scope": null,
"trust": 0.3,
"vendor": "netcomm",
"version": null
},
{
"model": "wireless hspa 3g10wve-l101-s306ets",
"scope": "ne",
"trust": 0.3,
"vendor": "netcomm",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:netcommwireless:hspa_3g10wve",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netcommwireless:hspa_3g10wve_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bhadresh Patel.",
"sources": [
{
"db": "BID",
"id": "96383"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6023",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6023",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-02892",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-83984",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6023",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6023",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6023",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-02892",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-127",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-83984",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-6023",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands. HELPNetCommWirelessHSPA3G10WVE is a wireless router product from HELP of the United Arab Emirates. This may lead to further attacks. \nNetCommWireless Wireless Router 3G10WVE-L101-S306ETS-C01_R03 is vulnerable; other versions may also be affected. Title:\n====\n\nNetCommWireless HSPA 3G10WVE Wireless Router \\x96 Multiple vulnerabilities\n\nCredit:\n======\n\nName: Bhadresh Patel\nCompany/affiliation: HelpAG\nWebsite: www.helpag.com\n\nCVE:\n=====\n\nCVE-2015-6023, CVE-2016-6024\n\nDate:\n====\n\n03-05-2016 (dd/mm/yyyy)\n\nVendor:\n======\n\nNetComm Wireless is a leading developer and supplier of high performance communication devices that connect businesses and people to the internet. \n\nProducts and services:\nWireless 3G/4G broadband devices\nCustom engineered technologies\nBroadband communication devices\n\nCustomers:\nTelecommunications carriers\nInternet Service Providers\nSystem Integrators\nChannel partners\nEnterprise customers\n\nProduct:\n=======\n\nHSPA 3G10WVE is a wireless router\n\nIt integrates a wireless LAN, HSPA module and voice gateway into one stylish unit. Insert an active HSPA SIM Card into the slot on the rear panel \u0026 get instant access to 3G internet connection. Featuring voice port which means that one can stay connected using the internet \u0026 phone. If one need a flexible internet connection for his business or at home; this is the perfect solution. \n\nReport-Timeline:\n============\n03-09-2015: Vendor notification\n08-09-2015: Vendor Response/Feedback\n02-05-2016: Vendor Fix/Patch\n03-05-2016: Public Disclosure\n\nAffected Software Version:\n=============\n\n3G10WVE-L101-S306ETS-C01_R03\n\n\nExploitation-Technique:\n===================\n\nRemote\n\n\nSeverity Rating (CVSS):\n===================\n\n10.0 (Critical) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n\nDetails:\n=======\n\nBelow listed vulnerabilities enable an anonymous unauthorized attacker to gain access of network troubleshooting page (ping.cgi) on wireless router and inject commands to compromise full system/network. \n\n1) Bypass authentication and gain unauthorized access vulnerability - CVE-2015-6023\n2) Command injection vulnerability - CVE-2016-6024\n\nVulnerable module/page/application: ping.cgi\n\nVulnerable parameter: DIA_IPADDRESS\n\nProof Of Concept:\n================\n\nPoC URL: http(s)://\u003cvictim_IP\u003e/ping.cgi?DIA_IPADDRESS=4.2.2.2;cat%20/etc/passwd\n\nPoC Video: https://www.youtube.com/watch?v=FS43MRG7RDk\n\nPatched/Fixed Firmware and notes:\n==========================\n\nftp://files.planetnetcomm.com/3G10WVE/3G10WVE-L101-S306ETS-C01_R05.bin\n\nNOTE: Verified only by Vendor\n\n\n\nCredits:\n=======\n\nBhadresh Patel\nSenior Security Analyst\nHelpAG (www.helpag.com)\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6023"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "PACKETSTORM",
"id": "136901"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-83984",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39762",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6023",
"trust": 3.6
},
{
"db": "PACKETSTORM",
"id": "136901",
"trust": 3.3
},
{
"db": "EXPLOIT-DB",
"id": "39762",
"trust": 1.8
},
{
"db": "BID",
"id": "96383",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-02892",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-91441",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-83984",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6023",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"id": "VAR-201702-0312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
}
]
},
"last_update_date": "2025-04-20T23:20:06.742000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netcommwireless.com/"
},
{
"title": "HELPNetCommWirelessHSPA3G10WVE Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/75437"
},
{
"title": "NetCommWireless HSPA 3G10WVE Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61450"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://packetstormsecurity.com/files/136901/netcommwireless-hspa-3g10wve-authentication-bypass-code-execution.html"
},
{
"trust": 2.1,
"url": "http://seclists.org/fulldisclosure/2016/may/18"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39762/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2016/may/13"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/96383"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/538263/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/538297/100/0/threaded"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6023"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6023"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/538297/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/538263/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.netcommwireless.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/284.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.helpag.com)"
},
{
"trust": 0.1,
"url": "https://www.youtube.com/watch?v=fs43mrg7rdk"
},
{
"trust": 0.1,
"url": "https://www.helpag.com"
},
{
"trust": 0.1,
"url": "http://www.etisalat.ae/nrd/en/generic/3.5g_router.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6024"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"db": "VULHUB",
"id": "VHN-83984"
},
{
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"db": "BID",
"id": "96383"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"date": "2017-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83984"
},
{
"date": "2017-02-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"date": "2017-02-09T00:00:00",
"db": "BID",
"id": "96383"
},
{
"date": "2017-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"date": "2016-05-03T23:16:49",
"db": "PACKETSTORM",
"id": "136901"
},
{
"date": "2016-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"date": "2017-02-09T15:59:00.300000",
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02892"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-83984"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6023"
},
{
"date": "2017-03-07T04:04:00",
"db": "BID",
"id": "96383"
},
{
"date": "2017-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007391"
},
{
"date": "2017-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-127"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2015-6023"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136901"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetCommWireless HSPA 3G10WVE Wireless Router Of firmware ping.cgi Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007391"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-127"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…