VAR-201709-0348
Vulnerability from variot - Updated: 2025-04-20 23:04An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi, resetrouter.cgi, and password.cgi. UTStar WA3002G4 ADSL Broadband Modem The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. UTStarWA3002G4 is a modem from UTStarcom, USA. There is an authentication bypass vulnerability in UTStarWA3002G4. UTStarcom UTStar WA3002G4 ADSL Broadband Modem is a modem of UTStarcom company in the United States. # Exploit Title: UTStar WA3002G4 ADSL Broadband Modem Authentication Bypass Vulnerability
CVE: CVE-2017-14243
Date: 15-09-2017
Exploit Author: Gem George
Author Contact: https://www.linkedin.com/in/gemgrge
Vulnerable Product: UTStar WA3002G4 ADSL Broadband Modem
Firmware version: WA3002G4-0021.01
Vendor Homepage: http://www.utstar.com/
Reference: https://www.techipick.com/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass
Vulnerability Details
The CGI version of the admin page of UTStar modem does not authenticate the user and hence any protected page in the modem can be directly accessed by replacing page extension with cgi. This could also allow anyone to perform operations such as reset modem, change passwords, backup configuration without any authentication. The modem also disclose passwords of each users (Admin, Support and User) in plain text behind the page source.
How to reproduce
Suppose 192.168.1.1 is the device IP and one of the admin protected page in the modem is http://192.168.1.1/abcd.html, then the page can be directly accessed as as http://192.168.1.1/abcd.cgi
Example URLs: * http://192.168.1.1/info.cgi a Status and details * http://192.168.1.1/upload.cgi a Firmware Upgrade * http://192.168.1.1/backupsettings.cgi a perform backup settings to PC * http://192.168.1.1/pppoe.cgi a PPPoE settings * http://192.168.1.1/resetrouter.cgi a Router reset * http://192.168.1.1/password.cgi a password settings
POC
- https://www.youtube.com/watch?v=-wh1Y_jXMGk
-----------------------Greetz---------------------- ++++++++++++++++++ www.0seccon.com ++++++++++++++++++ Saran,Jithin,Dhani,Vignesh,Hemanth,Sudin,Vijith,Joel
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wa3002g4",
"scope": "eq",
"trust": 1.6,
"vendor": "utstar",
"version": "wa3002g4-0021.01"
},
{
"model": "utstar wa3002g4",
"scope": "eq",
"trust": 0.8,
"vendor": "utstarcom incorporated",
"version": "wa3002g4-0021.01"
},
{
"model": "wa3002g4 wa3002g4-0021.01",
"scope": null,
"trust": 0.6,
"vendor": "utstarcom",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:utstar:wa3002g4_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gem George",
"sources": [
{
"db": "PACKETSTORM",
"id": "144239"
}
],
"trust": 0.1
},
"cve": "CVE-2017-14243",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-14243",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14853",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-104946",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-14243",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14243",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-14243",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-14853",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-269",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-104946",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-14243",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi, resetrouter.cgi, and password.cgi. UTStar WA3002G4 ADSL Broadband Modem The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. UTStarWA3002G4 is a modem from UTStarcom, USA. There is an authentication bypass vulnerability in UTStarWA3002G4. UTStarcom UTStar WA3002G4 ADSL Broadband Modem is a modem of UTStarcom company in the United States. # Exploit Title: UTStar WA3002G4 ADSL Broadband Modem Authentication Bypass Vulnerability\n# CVE: CVE-2017-14243\n# Date: 15-09-2017\n# Exploit Author: Gem George\n# Author Contact: https://www.linkedin.com/in/gemgrge\n# Vulnerable Product: UTStar WA3002G4 ADSL Broadband Modem\n# Firmware version: WA3002G4-0021.01\n# Vendor Homepage: http://www.utstar.com/\n# Reference: https://www.techipick.com/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass\n\n\nVulnerability Details\n======================\nThe CGI version of the admin page of UTStar modem does not authenticate the user and hence any protected page in the modem can be directly accessed by replacing page extension with cgi. This could also allow anyone to perform operations such as reset modem, change passwords, backup configuration without any authentication. The modem also disclose passwords of each users (Admin, Support and User) in plain text behind the page source. \n\nHow to reproduce\n===================\nSuppose 192.168.1.1 is the device IP and one of the admin protected page in the modem is http://192.168.1.1/abcd.html, then the page can be directly accessed as as http://192.168.1.1/abcd.cgi\n\nExample URLs:\n* http://192.168.1.1/info.cgi a Status and details\n* http://192.168.1.1/upload.cgi a Firmware Upgrade\n* http://192.168.1.1/backupsettings.cgi a perform backup settings to PC\n* http://192.168.1.1/pppoe.cgi a PPPoE settings\n* http://192.168.1.1/resetrouter.cgi a Router reset\n* http://192.168.1.1/password.cgi a password settings\n\nPOC\n=========\n* https://www.youtube.com/watch?v=-wh1Y_jXMGk\n\n\n -----------------------Greetz----------------------\n++++++++++++++++++ www.0seccon.com ++++++++++++++++++\n Saran,Jithin,Dhani,Vignesh,Hemanth,Sudin,Vijith,Joel\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14243"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"db": "PACKETSTORM",
"id": "144239"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-104946",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42739",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "VULMON",
"id": "CVE-2017-14243"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14243",
"trust": 3.3
},
{
"db": "EXPLOIT-DB",
"id": "42739",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-269",
"trust": 0.7
},
{
"db": "EXPLOITDB",
"id": "42739",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2018-14853",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "144239",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-96645",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-104946",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-14243",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "PACKETSTORM",
"id": "144239"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"id": "VAR-201709-0348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "VULHUB",
"id": "VHN-104946"
}
],
"trust": 1.5333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
}
]
},
"last_update_date": "2025-04-20T23:04:18.379000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.utstar.com/"
},
{
"title": "iBall-UTStar-CVEChecker",
"trust": 0.1,
"url": "https://github.com/GemGeorge/iBall-UTStar-CVEChecker "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.techipick.com/iball-baton-adsl2-home-router-utstar-wa3002g4-adsl-broadband-modem-authentication-bypass"
},
{
"trust": 2.5,
"url": "https://www.exploit-db.com/exploits/42739/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14243"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14243"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2017-14243/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/gemgeorge/iball-utstar-cvechecker"
},
{
"trust": 0.1,
"url": "https://www.0seccon.com"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/abcd.cgi"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/abcd.html,"
},
{
"trust": 0.1,
"url": "http://www.utstar.com/"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/pppoe.cgi"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/resetrouter.cgi"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/upload.cgi"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/backupsettings.cgi"
},
{
"trust": 0.1,
"url": "https://www.youtube.com/watch?v=-wh1y_jxmgk"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/password.cgi"
},
{
"trust": 0.1,
"url": "https://www.linkedin.com/in/gemgrge"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/info.cgi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "PACKETSTORM",
"id": "144239"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"db": "VULHUB",
"id": "VHN-104946"
},
{
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"db": "PACKETSTORM",
"id": "144239"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"date": "2017-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-104946"
},
{
"date": "2017-09-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"date": "2017-09-19T14:30:01",
"db": "PACKETSTORM",
"id": "144239"
},
{
"date": "2017-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"date": "2017-09-17T19:29:00.193000",
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14853"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-104946"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14243"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008255"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-269"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-14243"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "UTStar WA3002G4 ADSL Broadband Modem Vulnerabilities related to certificate and password management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008255"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-269"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…