Search criteria
3 vulnerabilities found for p0_router_firmware by 360
FKIE_CVE-2019-3404
Vulnerability from fkie_nvd - Published: 2020-03-04 14:15 - Updated: 2024-11-21 04:42
Severity ?
Summary
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
References
| URL | Tags | ||
|---|---|---|---|
| security@360.cn | https://security.360.cn/News/news/id/218.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.360.cn/News/news/id/218.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 360 | p0_router_firmware | 3.1.1.65150 | |
| 360 | p0_router | - | |
| 360 | f5c_router_firmware | 3.1.1.65150 | |
| 360 | f5c_router | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:p0_router_firmware:3.1.1.65150:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7FAA6E-7710-4F09-95E7-0784CB91A5EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:p0_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8AFF8F-155D-47AE-85FC-0A0703D507D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:f5c_router_firmware:3.1.1.65150:*:*:*:*:*:*:*",
"matchCriteriaId": "6C32952B-003A-4297-8CE3-0A675F578BD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:f5c_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB803DF3-3DFF-4FD5-97C0-85320AA83301",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
},
{
"lang": "es",
"value": "Al agregar algunos campos especiales en la funci\u00f3n de uri ofrouter app, el usuario podr\u00eda abusar de las funciones cgi de la aplicaci\u00f3n en segundo plano sin necesidad de autenticaci\u00f3n. Esto afecta a los enrutadores P0 y F5C de 360."
}
],
"id": "CVE-2019-3404",
"lastModified": "2024-11-21T04:42:02.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-04T14:15:10.307",
"references": [
{
"source": "security@360.cn",
"tags": [
"Vendor Advisory"
],
"url": "https://security.360.cn/News/news/id/218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"sourceIdentifier": "security@360.cn",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-3404 (GCVE-0-2019-3404)
Vulnerability from cvelistv5 – Published: 2020-03-04 13:01 – Updated: 2024-08-04 19:12
VLAI?
Summary
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
Severity ?
No CVSS data available.
CWE
- Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 360 Security Technology, Inc. | 360 Router F5C |
Affected:
360POP-F5C-V3.1.1.65150
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "360 Router F5C",
"vendor": "360 Security Technology, Inc.",
"versions": [
{
"status": "affected",
"version": "360POP-F5C-V3.1.1.65150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T13:01:17",
"orgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"shortName": "360ST"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@360.cn",
"ID": "CVE-2019-3404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "360 Router F5C",
"version": {
"version_data": [
{
"version_value": "360POP-F5C-V3.1.1.65150"
}
]
}
}
]
},
"vendor_name": "360 Security Technology, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.360.cn/News/news/id/218.html",
"refsource": "CONFIRM",
"url": "https://security.360.cn/News/news/id/218.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"assignerShortName": "360ST",
"cveId": "CVE-2019-3404",
"datePublished": "2020-03-04T13:01:17",
"dateReserved": "2018-12-19T00:00:00",
"dateUpdated": "2024-08-04T19:12:09.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3404 (GCVE-0-2019-3404)
Vulnerability from nvd – Published: 2020-03-04 13:01 – Updated: 2024-08-04 19:12
VLAI?
Summary
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
Severity ?
No CVSS data available.
CWE
- Improper Authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 360 Security Technology, Inc. | 360 Router F5C |
Affected:
360POP-F5C-V3.1.1.65150
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "360 Router F5C",
"vendor": "360 Security Technology, Inc.",
"versions": [
{
"status": "affected",
"version": "360POP-F5C-V3.1.1.65150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T13:01:17",
"orgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"shortName": "360ST"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.360.cn/News/news/id/218.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@360.cn",
"ID": "CVE-2019-3404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "360 Router F5C",
"version": {
"version_data": [
{
"version_value": "360POP-F5C-V3.1.1.65150"
}
]
}
}
]
},
"vendor_name": "360 Security Technology, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.360.cn/News/news/id/218.html",
"refsource": "CONFIRM",
"url": "https://security.360.cn/News/news/id/218.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"assignerShortName": "360ST",
"cveId": "CVE-2019-3404",
"datePublished": "2020-03-04T13:01:17",
"dateReserved": "2018-12-19T00:00:00",
"dateUpdated": "2024-08-04T19:12:09.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}