Search criteria
3 vulnerabilities found for air_firmware by airties
FKIE_CVE-2015-2797
Vulnerability from fkie_nvd - Published: 2015-06-19 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:airties:air_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E3BF5B-3AD2-41F0-8A23-10B6BE96CDB2",
"versionEndIncluding": "1.0.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:airties:air_5021:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49870B2D-4B77-445F-88DB-7CD6A4E512A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5341:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47BC82F3-28A5-40C1-88A9-F304C2762464",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5342:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D241731B-D0BE-4BB8-BE58-64734AED1A95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5343:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91D4DEFD-EEAA-4570-A2D1-701739524879",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5442:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138FDEFA-8760-4B5C-9E23-56576F637608",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5443:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E68F054-4590-4397-AE1D-25165B483FC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5444tt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652E1DB1-C56B-4CE5-B94C-659D1C5ECEC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5453:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C853772-E764-4A0E-818C-9025AFF6CBD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5650tt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E565A9FC-B20C-4897-9EFF-78ABE930CFCE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4658A79-E2AE-4C90-9B8E-975A3F437AFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_5760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1294402-1A4E-4760-A49F-9F280FA3BEB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:airties:air_6372:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB76FCE-3ED8-444E-896D-8745159278E8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en los modems DSL AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, y 5021 con firmware 1.0.2.0 y anteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga en el par\u00e1metro redirect en cgi-bin/login."
}
],
"id": "CVE-2015-2797",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-19T14:59:00.067",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/show/osvdb/120335"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75355"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/show/osvdb/120335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/37170/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-2797 (GCVE-0-2015-2797)
Vulnerability from cvelistv5 – Published: 2015-06-19 14:00 – Updated: 2024-08-06 05:24
VLAI?
Summary
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75355",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75355"
},
{
"name": "37170",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"name": "36577",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"name": "120335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/show/osvdb/120335"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "75355",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75355"
},
{
"name": "37170",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"name": "36577",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"name": "120335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/show/osvdb/120335"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75355"
},
{
"name": "37170",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"name": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/",
"refsource": "MISC",
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"name": "36577",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"name": "120335",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/120335"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2797",
"datePublished": "2015-06-19T14:00:00",
"dateReserved": "2015-03-30T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2797 (GCVE-0-2015-2797)
Vulnerability from nvd – Published: 2015-06-19 14:00 – Updated: 2024-08-06 05:24
VLAI?
Summary
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75355",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75355"
},
{
"name": "37170",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"name": "36577",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"name": "120335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/show/osvdb/120335"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "75355",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75355"
},
{
"name": "37170",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"name": "36577",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"name": "120335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/show/osvdb/120335"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75355"
},
{
"name": "37170",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37170/"
},
{
"name": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/",
"refsource": "MISC",
"url": "http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/"
},
{
"name": "36577",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36577/"
},
{
"name": "120335",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/120335"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2797",
"datePublished": "2015-06-19T14:00:00",
"dateReserved": "2015-03-30T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}