Search criteria
3 vulnerabilities found for safe_router_p0_firmware by 360
FKIE_CVE-2018-19031
Vulnerability from fkie_nvd - Published: 2019-11-04 15:15 - Updated: 2024-11-21 03:57
Severity ?
Summary
A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.
References
| URL | Tags | ||
|---|---|---|---|
| security@360.cn | https://security.360.cn/News/news/id/188.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.360.cn/News/news/id/188.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 360 | safe_router_p0_firmware | 2.0.61.58897 | |
| 360 | safe_router_p0 | - | |
| 360 | safe_router_p1_firmware | 2.0.61.58897 | |
| 360 | safe_router_p1 | - | |
| 360 | safe_router_p2_firmware | 2.0.61.58897 | |
| 360 | safe_router_p2 | - | |
| 360 | safe_router_p3_firmware | 2.0.61.58897 | |
| 360 | safe_router_p3 | - | |
| 360 | safe_router_p4_firmware | 2.0.61.58897 | |
| 360 | safe_router_p4 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:safe_router_p0_firmware:2.0.61.58897:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC971CA-6B4B-444F-9A14-312F4E056025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:safe_router_p0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35113D47-CDB8-4612-BC3E-A83A0DA95372",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:safe_router_p1_firmware:2.0.61.58897:*:*:*:*:*:*:*",
"matchCriteriaId": "1A571AED-753F-434A-A930-AFBA375D1F40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:safe_router_p1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3700FDF1-53F1-4E76-87BA-92902DBCB8E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:safe_router_p2_firmware:2.0.61.58897:*:*:*:*:*:*:*",
"matchCriteriaId": "15B02088-2652-40BC-97DB-7AFCEF8EF6D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:safe_router_p2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8C3A6B-110D-40CF-BFFA-4B3FD66D450C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:safe_router_p3_firmware:2.0.61.58897:*:*:*:*:*:*:*",
"matchCriteriaId": "17AF3DAC-0C0E-441C-A77D-830705E57696",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:safe_router_p3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "937F78E0-FDE5-4068-B8B6-59C1F188AC73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:360:safe_router_p4_firmware:2.0.61.58897:*:*:*:*:*:*:*",
"matchCriteriaId": "7868460C-9A32-4BB3-9552-18D589729A96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:360:safe_router_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60EDE287-E3E3-43E3-BEA1-89A18624807A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n de comando cuando el usuario autorizado pasa el par\u00e1metro dise\u00f1ado hacia el proceso en segundo plano en el enrutador. Esto afecta a los productos de la serie de enrutadores 360 (360 Safe Router P0, P1, P2, P3, P4), la versi\u00f3n afectada es V2.0.61.58897."
}
],
"id": "CVE-2018-19031",
"lastModified": "2024-11-21T03:57:11.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T15:15:11.287",
"references": [
{
"source": "security@360.cn",
"tags": [
"Vendor Advisory"
],
"url": "https://security.360.cn/News/news/id/188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.360.cn/News/news/id/188.html"
}
],
"sourceIdentifier": "security@360.cn",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-19031 (GCVE-0-2018-19031)
Vulnerability from cvelistv5 – Published: 2019-11-04 14:42 – Updated: 2024-08-05 11:23
VLAI?
Summary
A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.
Severity ?
No CVSS data available.
CWE
- Local Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 360 Security Technology, Inc. | 360 Safe Router |
Affected:
V2.0.61.58897
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:09.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.360.cn/News/news/id/188.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "360 Safe Router",
"vendor": "360 Security Technology, Inc.",
"versions": [
{
"status": "affected",
"version": "V2.0.61.58897"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T14:42:42",
"orgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"shortName": "360ST"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.360.cn/News/news/id/188.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@360.cn",
"ID": "CVE-2018-19031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "360 Safe Router",
"version": {
"version_data": [
{
"version_value": "V2.0.61.58897"
}
]
}
}
]
},
"vendor_name": "360 Security Technology, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.360.cn/News/news/id/188.html",
"refsource": "MISC",
"url": "https://security.360.cn/News/news/id/188.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"assignerShortName": "360ST",
"cveId": "CVE-2018-19031",
"datePublished": "2019-11-04T14:42:42",
"dateReserved": "2018-11-06T00:00:00",
"dateUpdated": "2024-08-05T11:23:09.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19031 (GCVE-0-2018-19031)
Vulnerability from nvd – Published: 2019-11-04 14:42 – Updated: 2024-08-05 11:23
VLAI?
Summary
A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.
Severity ?
No CVSS data available.
CWE
- Local Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| 360 Security Technology, Inc. | 360 Safe Router |
Affected:
V2.0.61.58897
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:09.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.360.cn/News/news/id/188.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "360 Safe Router",
"vendor": "360 Security Technology, Inc.",
"versions": [
{
"status": "affected",
"version": "V2.0.61.58897"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T14:42:42",
"orgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"shortName": "360ST"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.360.cn/News/news/id/188.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@360.cn",
"ID": "CVE-2018-19031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "360 Safe Router",
"version": {
"version_data": [
{
"version_value": "V2.0.61.58897"
}
]
}
}
]
},
"vendor_name": "360 Security Technology, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.360.cn/News/news/id/188.html",
"refsource": "MISC",
"url": "https://security.360.cn/News/news/id/188.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "40f8fa2f-7875-43d0-a30e-e901a5537754",
"assignerShortName": "360ST",
"cveId": "CVE-2018-19031",
"datePublished": "2019-11-04T14:42:42",
"dateReserved": "2018-11-06T00:00:00",
"dateUpdated": "2024-08-05T11:23:09.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}