Search criteria
18 vulnerabilities found for fvs318 by netgear
VAR-200603-0053
Vulnerability from variot - Updated: 2023-12-18 12:47Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. This issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. Linksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200603-0053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54g v5",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "wrt54g v5",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "wgt624",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.25"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.24"
},
{
"model": "rt314/rt311 gateway router",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "3.22"
},
{
"model": "rt-338",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.4"
},
{
"model": "me102",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.2"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.1"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.0"
},
{
"model": "fm114p",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834g",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "dg834 adsl firewall router",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "publisher 3f",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20021.40"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.70.6"
},
{
"model": "wrt54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "4.50.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.20.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4.04.0.7"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.3.6"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3.03.1.3"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.4.4"
},
{
"model": "wrt54g beta",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.02.8"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.00.8"
},
{
"model": "wpc300n wireless-n notebook adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "-4.100.15.5"
},
{
"model": "wap55ag",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.0.7"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.2"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4"
},
{
"model": "wap11",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.42.7"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.40.3"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.9"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router b",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befw11s4 wireless ap cable/dsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "+1.37.2"
},
{
"model": "etherfast befvp41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befn2ps4 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v4"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41w",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v1"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befcmu10",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wrt54g v5",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:wrt54g_v5:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ryanmeyer14@netscape.net discovered this issue. Both ryanmeyer14@netscape.net and \"Cade Cairns\" \u003ccairnsc@gmail.com\u003e disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "16954"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.9
},
"cve": "CVE-2006-1067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-1318",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-17175",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1067",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-17175",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. DCC SEND, or (2) a DCC SEND with an IP address, port, and file size parameter value of 0. Linksys and Netgear routers are susceptible to a remote IRC denial-of-service vulnerability. This issue is due to a failure of the devices to properly handle unexpected network traffic. \nThis issue allows remote attackers to disconnect IRC sessions, denying service to legitimate users. \nLinksys WRT54G routers are vulnerable to this issue. Routers running with the VxWorks operating system, but not Linux-based operating systems, are reportedly affected. Specific device and firmware version information is not currently available. This BID will be updated as further information is disclosed",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-1067",
"trust": 2.8
},
{
"db": "BID",
"id": "16954",
"trust": 2.6
},
{
"db": "BUGTRAQ",
"id": "20060306 RE: LINKSYS ROUTER + IRC DOS",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2006-1318",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20060304 VARIOUS ROUTER DOS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060303 LINKSYS ROUTER + IRC DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "25230",
"trust": 0.6
},
{
"db": "IVD",
"id": "CCDF0954-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-17175",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"id": "VAR-200603-0053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
}
],
"trust": 1.5009907
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
]
},
"last_update_date": "2023-12-18T12:47:09.542000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/16954"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/426863/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.hm2k.org/news/1141413208.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426761/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426756/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/426934/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25230"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426934/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426761/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/426756/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25230"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/support_main.asp"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/product.asp?prid=508\u0026scid=35"
},
{
"trust": 0.3,
"url": "/archive/1/426761"
},
{
"trust": 0.3,
"url": "/archive/1/426756"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"db": "VULHUB",
"id": "VHN-17175"
},
{
"db": "BID",
"id": "16954"
},
{
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2006-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2006-03-04T00:00:00",
"db": "BID",
"id": "16954"
},
{
"date": "2006-03-07T22:06:00",
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"date": "2006-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-1318"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-17175"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "16954"
},
{
"date": "2018-10-18T16:30:32.073000",
"db": "NVD",
"id": "CVE-2006-1067"
},
{
"date": "2006-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54G Multiple router denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2006-1318"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "ccdf0954-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200603-107"
}
],
"trust": 0.8
}
}
VAR-200412-0047
Vulnerability from variot - Updated: 2023-12-18 11:51The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections. Multiple broadband routers from several different vendors, used for home and small office Internet sharing and routing are reported affected by a denial of service vulnerability in their web-based administration interfaces. The embedded web server is reportedly unable to maintain more than a small number of simultaneous TCP connections. An attacker who maintains a number of connections to port 80 of an affected device will block access to the web administration application for legitimate users. An attacker could block access to the administration interface as long as they can maintain the TCP connections. Netgear FVS318, Linksys BEFSR41, and Microsoft MN-500 devices are reported to be susceptible. NETGEAR FVS318 is a router with VPN, Microsoft MN-500 is a wireless router
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0047",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mn-500 wireless base station",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "mn-500 wireless base station",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.2"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.1"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "1.0"
},
{
"model": "mn-500",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v1"
}
],
"sources": [
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:microsoft:mn-500_wireless_base_station:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0610"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kurczaba Associates advisories\u203b advisories@kurczaba.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0610",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9040",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0610",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-058",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9040",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9040"
},
{
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections. Multiple broadband routers from several different vendors, used for home and small office Internet sharing and routing are reported affected by a denial of service vulnerability in their web-based administration interfaces. \nThe embedded web server is reportedly unable to maintain more than a small number of simultaneous TCP connections. An attacker who maintains a number of connections to port 80 of an affected device will block access to the web administration application for legitimate users. \nAn attacker could block access to the administration interface as long as they can maintain the TCP connections. \nNetgear FVS318, Linksys BEFSR41, and Microsoft MN-500 devices are reported to be susceptible. NETGEAR FVS318 is a router with VPN, Microsoft MN-500 is a wireless router",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "VULHUB",
"id": "VHN-9040"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "10585",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0610",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040621 MICROSOFT MN-500 WIRELESS ROUTER WEB-BASED ADMINISTRATION DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "500",
"trust": 0.6
},
{
"db": "XF",
"id": "16448",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9040",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9040"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"id": "VAR-200412-0047",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9040"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:51:12.774000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0610"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10585"
},
{
"trust": 1.7,
"url": "http://www.kurczaba.com/securityadvisories/0406213.htm"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16448"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108796481501258\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16448"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108796481501258\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/products/prod_details.asp?prodid=129"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/support_main.asp"
},
{
"trust": 0.3,
"url": "/archive/1/366823"
},
{
"trust": 0.3,
"url": "/archive/1/366601"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108796481501258\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9040"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9040"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-9040"
},
{
"date": "2004-06-21T00:00:00",
"db": "BID",
"id": "10585"
},
{
"date": "2004-12-06T05:00:00",
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"date": "2004-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9040"
},
{
"date": "2009-07-12T05:16:00",
"db": "BID",
"id": "10585"
},
{
"date": "2017-07-11T01:30:18.543000",
"db": "NVD",
"id": "CVE-2004-0610"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WEB Management Interface Denial of Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "10585"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-058"
}
],
"trust": 0.9
}
}
VAR-200212-0323
Vulnerability from variot - Updated: 2023-12-18 11:50NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. A vulnerability has been reported in NetGear Firewall/VPN/Routers. When configured to backup configuration settings, the device will store various usernames and passwords in cleartext. Accessing this file could allow an attacker to obtain sensitive information which could aid the attacker in compromising the web administrative interface of the device. It should be noted that the backup option is not enabled by default, but is a common feature used by administrators. Local users get sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0323",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "1.1"
}
],
"sources": [
{
"db": "BID",
"id": "5830"
},
{
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1892"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to fab@aisec.net.",
"sources": [
{
"db": "BID",
"id": "5830"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1892",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-6275",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1892",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-273",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-6275",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6275"
},
{
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. A vulnerability has been reported in NetGear Firewall/VPN/Routers. \nWhen configured to backup configuration settings, the device will store various usernames and passwords in cleartext. Accessing this file could allow an attacker to obtain sensitive information which could aid the attacker in compromising the web administrative interface of the device. \nIt should be noted that the backup option is not enabled by default, but is a common feature used by administrators. Local users get sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"db": "BID",
"id": "5830"
},
{
"db": "VULHUB",
"id": "VHN-6275"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5830",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1892",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273",
"trust": 0.7
},
{
"db": "XF",
"id": "318",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021001 NETGEAR FVS318 INFORMATION DISCLOSURE",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20020927 FVS318 CONFIG STORES USERNAMES/PASSWD\u0027S IN PLAIN TEXT",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6275",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6275"
},
{
"db": "BID",
"id": "5830"
},
{
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"id": "VAR-200212-0323",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6275"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:50:50.584000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1892"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5830"
},
{
"trust": 1.7,
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10216.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6275"
},
{
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6275"
},
{
"db": "BID",
"id": "5830"
},
{
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6275"
},
{
"date": "2002-09-30T00:00:00",
"db": "BID",
"id": "5830"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6275"
},
{
"date": "2002-09-30T00:00:00",
"db": "BID",
"id": "5830"
},
{
"date": "2008-09-05T20:31:47.027000",
"db": "NVD",
"id": "CVE-2002-1892"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "5830"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear FVS318 username / Password leak vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "5830"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-273"
}
],
"trust": 0.9
}
}
VAR-200501-0216
Vulnerability from variot - Updated: 2023-12-18 11:23NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. NetGear FVS318 is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to bypass URI filters and carry out cross-site scripting attacks. The following issues were identified: It is reported that an attacker can bypass URI filters of the device. The URI filter log viewer is reported prone to a cross-site scripting vulnerability. The research report specified that FVS318 devices with firmware 2.4 are vulnerable to these issues. FVS318 and FVS318v2 are shipped with firmware 2.4, however, it is possible that FVS318v3 and other firmware versions are affected as well. This BID will be updated when more information about affected packages is available. The Netgear FVS318 is a handy little router. A filter detection bypass vulnerability exists in Netgear FVS318 with firmware version 2.4. Remote attackers can use Hex-encoded URLs, such as HEX-encoded file extensions, to bypass detection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0216",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
}
],
"sources": [
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0290"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Kurczaba\u203b pkurczaba@att.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0290",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-11499",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0290",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-249",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-11499",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11499"
},
{
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. NetGear FVS318 is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to bypass URI filters and carry out cross-site scripting attacks. \nThe following issues were identified:\nIt is reported that an attacker can bypass URI filters of the device. \nThe URI filter log viewer is reported prone to a cross-site scripting vulnerability. \nThe research report specified that FVS318 devices with firmware 2.4 are vulnerable to these issues. FVS318 and FVS318v2 are shipped with firmware 2.4, however, it is possible that FVS318v3 and other firmware versions are affected as well. This BID will be updated when more information about affected packages is available. The Netgear FVS318 is a handy little router. A filter detection bypass vulnerability exists in Netgear FVS318 with firmware version 2.4. Remote attackers can use Hex-encoded URLs, such as HEX-encoded file extensions, to bypass detection",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "VULHUB",
"id": "VHN-11499"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0290",
"trust": 2.0
},
{
"db": "BID",
"id": "12278",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "13787",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1012913",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-249",
"trust": 0.7
},
{
"db": "XF",
"id": "18920",
"trust": 0.6
},
{
"db": "XF",
"id": "318",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20050117 MULTIPLE VULNERABILITIES IN NETGEAR FVS318 ROUTER",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20050117 MULTIPLE VULNERABILITIES IN NETGEAR FVS318 ROUTER",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-11499",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11499"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"id": "VAR-200501-0216",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11499"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:23:14.157000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0290"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12278"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-january/030984.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1012913"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13787"
},
{
"trust": 1.1,
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18920"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/products/prod_details.asp?prodid=129"
},
{
"trust": 0.3,
"url": "/archive/1/387467"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110599727631560\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11499"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11499"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-11499"
},
{
"date": "2005-01-17T00:00:00",
"db": "BID",
"id": "12278"
},
{
"date": "2005-01-17T05:00:00",
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"date": "2005-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-11499"
},
{
"date": "2009-07-12T10:06:00",
"db": "BID",
"id": "12278"
},
{
"date": "2017-07-11T01:32:12.017000",
"db": "NVD",
"id": "CVE-2005-0290"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FVS318 filter Bypass detection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-249"
}
],
"trust": 0.6
}
}
VAR-200412-0048
Vulnerability from variot - Updated: 2023-12-18 11:13Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. Multiple broadband routers from several different vendors, used for home and small office Internet sharing and routing are reported affected by a denial of service vulnerability in their web-based administration interfaces. The embedded web server is reportedly unable to maintain more than a small number of simultaneous TCP connections. An attacker who maintains a number of connections to port 80 of an affected device will block access to the web administration application for legitimate users. An attacker could block access to the administration interface as long as they can maintain the TCP connections. Netgear FVS318, Linksys BEFSR41, and Microsoft MN-500 devices are reported to be susceptible. NETGEAR FVS318 is a router with VPN, Microsoft MN-500 is a wireless router. There is a problem with the embedded WEB server included by many manufacturers, and a remote attacker can use this vulnerability to conduct a denial of service attack on the management interface of the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0048",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "1.3"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "1.2"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "1.1"
},
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "1.0"
},
{
"model": "mn-500",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v1"
}
],
"sources": [
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0611"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kurczaba Associates advisories\u203b advisories@kurczaba.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0611",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9041",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0611",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-045",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9041",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9041"
},
{
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. Multiple broadband routers from several different vendors, used for home and small office Internet sharing and routing are reported affected by a denial of service vulnerability in their web-based administration interfaces. \nThe embedded web server is reportedly unable to maintain more than a small number of simultaneous TCP connections. An attacker who maintains a number of connections to port 80 of an affected device will block access to the web administration application for legitimate users. \nAn attacker could block access to the administration interface as long as they can maintain the TCP connections. \nNetgear FVS318, Linksys BEFSR41, and Microsoft MN-500 devices are reported to be susceptible. NETGEAR FVS318 is a router with VPN, Microsoft MN-500 is a wireless router. There is a problem with the embedded WEB server included by many manufacturers, and a remote attacker can use this vulnerability to conduct a denial of service attack on the management interface of the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "VULHUB",
"id": "VHN-9041"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "10585",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0611",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040621 NETGEAR FVS318 WEB-BASED ADMINISTRATION DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "318",
"trust": 0.6
},
{
"db": "XF",
"id": "16462",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9041",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9041"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"id": "VAR-200412-0048",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9041"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:13:36.050000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0611"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10585"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16462"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/products/prod_details.asp?prodid=129"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/support_main.asp"
},
{
"trust": 0.3,
"url": "/archive/1/366823"
},
{
"trust": 0.3,
"url": "/archive/1/366601"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108787199201059\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9041"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9041"
},
{
"db": "BID",
"id": "10585"
},
{
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-9041"
},
{
"date": "2004-06-21T00:00:00",
"db": "BID",
"id": "10585"
},
{
"date": "2004-12-06T05:00:00",
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"date": "2004-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9041"
},
{
"date": "2009-07-12T05:16:00",
"db": "BID",
"id": "10585"
},
{
"date": "2017-07-11T01:30:18.590000",
"db": "NVD",
"id": "CVE-2004-0611"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WEB Management Interface Denial of Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "10585"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-045"
}
],
"trust": 0.9
}
}
VAR-200501-0217
Vulnerability from variot - Updated: 2023-12-18 10:45Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase. NetGear FVS318 is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to bypass URI filters and carry out cross-site scripting attacks. The following issues were identified: It is reported that an attacker can bypass URI filters of the device. The URI filter log viewer is reported prone to a cross-site scripting vulnerability. The research report specified that FVS318 devices with firmware 2.4 are vulnerable to these issues. FVS318 and FVS318v2 are shipped with firmware 2.4, however, it is possible that FVS318v3 and other firmware versions are affected as well. This BID will be updated when more information about affected packages is available. Multiple Vulnerabilities in Netgear FVS318 Router ------------------------------------------------------------------------ SUMMARY The http://www.netgear.com Netgear FVS318 is "an easy to use, firewall/router designed for home users and small businesses". SecuriNews Research has found 2 vulnerabilities in the router, one allows bypassing the product's content filtering mechanism while the other allows injecting arbitrary HTML and/or JavaScript into the product's log files which can then be used to attack the administrator of the router. DETAILS Content Filtering Bypass: By using HEX encoded characters, it is possible to bypass the URL filter. For example, if the router administrator blocks the phrase ".exe"; a user can encode one or more characters in the URL phrase to bypass the filter. If we encode the 'x' in ".exe", the new phrase ".e%78e" will bypass the filter
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0217",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fvs318",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": "2.4"
},
{
"model": "fvs318v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "2.4"
}
],
"sources": [
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:fvs318:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0291"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Kurczaba\u203b pkurczaba@att.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0291",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-11500",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0291",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-252",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-11500",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11500"
},
{
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase. NetGear FVS318 is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to bypass URI filters and carry out cross-site scripting attacks. \nThe following issues were identified:\nIt is reported that an attacker can bypass URI filters of the device. \nThe URI filter log viewer is reported prone to a cross-site scripting vulnerability. \nThe research report specified that FVS318 devices with firmware 2.4 are vulnerable to these issues. FVS318 and FVS318v2 are shipped with firmware 2.4, however, it is possible that FVS318v3 and other firmware versions are affected as well. This BID will be updated when more information about affected packages is available. Multiple Vulnerabilities in Netgear FVS318 Router ------------------------------------------------------------------------ SUMMARY The \u003chttp://www.netgear.com\u003e Netgear FVS318 is \"an easy to use, firewall/router designed for home users and small businesses\". SecuriNews Research has found 2 vulnerabilities in the router, one allows bypassing the product\u0027s content filtering mechanism while the other allows injecting arbitrary HTML and/or JavaScript into the product\u0027s log files which can then be used to attack the administrator of the router. DETAILS Content Filtering Bypass: By using HEX encoded characters, it is possible to bypass the URL filter. For example, if the router administrator blocks the phrase \".exe\"; a user can encode one or more characters in the URL phrase to bypass the filter. If we encode the \u0027x\u0027 in \".exe\", the new phrase \".e%78e\" will bypass the filter",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "VULHUB",
"id": "VHN-11500"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0291",
"trust": 2.0
},
{
"db": "BID",
"id": "12278",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "13787",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1012913",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "13012",
"trust": 1.7
},
{
"db": "XF",
"id": "18921",
"trust": 0.6
},
{
"db": "XF",
"id": "318",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20050117 MULTIPLE VULNERABILITIES IN NETGEAR FVS318 ROUTER",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20050117 MULTIPLE VULNERABILITIES IN NETGEAR FVS318 ROUTER",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200501-252",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-89399",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-11500",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11500"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"id": "VAR-200501-0217",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11500"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:45:14.830000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0291"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12278"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-january/030984.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/13012"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1012913"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13787"
},
{
"trust": 1.1,
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18921"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/products/prod_details.asp?prodid=129"
},
{
"trust": 0.3,
"url": "/archive/1/387467"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110599727631560\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11500"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11500"
},
{
"db": "BID",
"id": "12278"
},
{
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-11500"
},
{
"date": "2005-01-17T00:00:00",
"db": "BID",
"id": "12278"
},
{
"date": "2005-01-17T05:00:00",
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"date": "2005-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-11500"
},
{
"date": "2009-07-12T10:06:00",
"db": "BID",
"id": "12278"
},
{
"date": "2017-07-11T01:32:12.063000",
"db": "NVD",
"id": "CVE-2005-0291"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear FVS318 LogViewer Cross-site scripting vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-252"
}
],
"trust": 0.6
}
}
CVE-2002-1892 (GCVE-0-2002-1892)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-09-17 00:55
VLAI?
Summary
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:32.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netgear-fvs318-plaintext-passwords(10216)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"name": "5830",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5830"
},
{
"name": "20021001 NETGEAR FVS318 Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"name": "20020927 FVS318 Config stores usernames/passwd\u0027s in plain text",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netgear-fvs318-plaintext-passwords(10216)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"name": "5830",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5830"
},
{
"name": "20021001 NETGEAR FVS318 Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"name": "20020927 FVS318 Config stores usernames/passwd\u0027s in plain text",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netgear-fvs318-plaintext-passwords(10216)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"name": "5830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5830"
},
{
"name": "20021001 NETGEAR FVS318 Information Disclosure",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"name": "20020927 FVS318 Config stores usernames/passwd\u0027s in plain text",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1892",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T00:55:55.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0290 (GCVE-0-2005-0290)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "netgear-fvs318-filter-bypass(18920)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "netgear-fvs318-filter-bypass(18920)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "netgear-fvs318-filter-bypass(18920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"name": "12278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13787"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "1012913",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012913"
},
{
"name": "http://www.securinews.com/vuln.htm?vulnid=103",
"refsource": "MISC",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0290",
"datePublished": "2005-02-10T05:00:00",
"dateReserved": "2005-02-10T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0291 (GCVE-0-2005-0291)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "netgear-fvs318-log-xss(18921)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "13012",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/13012"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "netgear-fvs318-log-xss(18921)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "13012",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/13012"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "12278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13787"
},
{
"name": "netgear-fvs318-log-xss(18921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "13012",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13012"
},
{
"name": "1012913",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012913"
},
{
"name": "http://www.securinews.com/vuln.htm?vulnid=103",
"refsource": "MISC",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0291",
"datePublished": "2005-02-10T05:00:00",
"dateReserved": "2005-02-10T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0611 (GCVE-0-2004-0611)
Vulnerability from cvelistv5 – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040621 NETGEAR FVS318 Web-Based Administration DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"name": "10585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10585"
},
{
"name": "netgear-fvs318-dos(16462)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040621 NETGEAR FVS318 Web-Based Administration DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"name": "10585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10585"
},
{
"name": "netgear-fvs318-dos(16462)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040621 NETGEAR FVS318 Web-Based Administration DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"name": "10585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10585"
},
{
"name": "netgear-fvs318-dos(16462)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0611",
"datePublished": "2004-06-30T04:00:00",
"dateReserved": "2004-06-29T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1892 (GCVE-0-2002-1892)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-09-17 00:55
VLAI?
Summary
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:32.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netgear-fvs318-plaintext-passwords(10216)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"name": "5830",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5830"
},
{
"name": "20021001 NETGEAR FVS318 Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"name": "20020927 FVS318 Config stores usernames/passwd\u0027s in plain text",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netgear-fvs318-plaintext-passwords(10216)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"name": "5830",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5830"
},
{
"name": "20021001 NETGEAR FVS318 Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"name": "20020927 FVS318 Config stores usernames/passwd\u0027s in plain text",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netgear-fvs318-plaintext-passwords(10216)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"name": "5830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5830"
},
{
"name": "20021001 NETGEAR FVS318 Information Disclosure",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"name": "20020927 FVS318 Config stores usernames/passwd\u0027s in plain text",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1892",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T00:55:55.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0290 (GCVE-0-2005-0290)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "netgear-fvs318-filter-bypass(18920)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "netgear-fvs318-filter-bypass(18920)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "netgear-fvs318-filter-bypass(18920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"name": "12278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13787"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "1012913",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012913"
},
{
"name": "http://www.securinews.com/vuln.htm?vulnid=103",
"refsource": "MISC",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0290",
"datePublished": "2005-02-10T05:00:00",
"dateReserved": "2005-02-10T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0291 (GCVE-0-2005-0291)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "netgear-fvs318-log-xss(18921)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "13012",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/13012"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "12278",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13787"
},
{
"name": "netgear-fvs318-log-xss(18921)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "13012",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/13012"
},
{
"name": "1012913",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"name": "12278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12278"
},
{
"name": "13787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13787"
},
{
"name": "netgear-fvs318-log-xss(18921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"name": "20050117 Multiple Vulnerabilities in Netgear FVS318 Router",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"name": "13012",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13012"
},
{
"name": "1012913",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012913"
},
{
"name": "http://www.securinews.com/vuln.htm?vulnid=103",
"refsource": "MISC",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0291",
"datePublished": "2005-02-10T05:00:00",
"dateReserved": "2005-02-10T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0611 (GCVE-0-2004-0611)
Vulnerability from nvd – Published: 2004-06-30 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040621 NETGEAR FVS318 Web-Based Administration DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"name": "10585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10585"
},
{
"name": "netgear-fvs318-dos(16462)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040621 NETGEAR FVS318 Web-Based Administration DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"name": "10585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10585"
},
{
"name": "netgear-fvs318-dos(16462)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040621 NETGEAR FVS318 Web-Based Administration DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"name": "10585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10585"
},
{
"name": "netgear-fvs318-dos(16462)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0611",
"datePublished": "2004-06-30T04:00:00",
"dateReserved": "2004-06-29T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2005-0290
Vulnerability from fkie_nvd - Published: 2005-01-17 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:fvs318:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C54A73-70AB-4C23-BE24-437B386D1CC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension."
}
],
"id": "CVE-2005-0290",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13787"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012913"
},
{
"source": "cve@mitre.org",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18920"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-0291
Vulnerability from fkie_nvd - Published: 2005-01-17 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:fvs318:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C54A73-70AB-4C23-BE24-437B386D1CC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase."
}
],
"id": "CVE-2005-0291",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13787"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012913"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/13012"
},
{
"source": "cve@mitre.org",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030984.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110599727631560\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/13012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securinews.com/vuln.htm?vulnid=103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18921"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0611
Vulnerability from fkie_nvd - Published: 2004-12-06 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:fvs318:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF4C288-1EA1-4DD4-A8A8-9A6899F20FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netgear:fvs318:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE59DCA1-F551-46D8-8B80-F9F902F4D5FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netgear:fvs318:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBE1D04-920F-4499-BA10-AF5D9B2DC02A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netgear:fvs318:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3302AB1-B9EB-4137-98E7-0A9083755BA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections."
},
{
"lang": "es",
"value": "La administraci\u00f3n basada en web de Netgear FVS318 VPN Router permite a atacantes remotos causar una denegaci\u00f3n de servicio (impide conexiones nuevas) mediante un gran n\u00famero de conexiones HTTP abiertas."
}
],
"id": "CVE-2004-0611",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10585"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108787199201059\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1892
Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:fvs318:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE59DCA1-F551-46D8-8B80-F9F902F4D5FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information."
}
],
"id": "CVE-2002-1892",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10216.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5830"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}