Search criteria
40 vulnerabilities found for sth-eth-250 by samsung
VAR-201809-1070
Vulnerability from variot - Updated: 2023-12-26 23:00An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "correlationId" value in order to exploit this vulnerability. Samsung SmartThings Hub Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. field
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1070",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub video-core http",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3896"
}
]
},
"cve": "CVE-2018-3896",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3896",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20130",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133927",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3896",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3896",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3896",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-20130",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-452",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133927",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3896",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULHUB",
"id": "VHN-133927"
},
{
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core\u0027s HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long \"correlationId\" value in order to exploit this vulnerability. Samsung SmartThings Hub Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. field",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULHUB",
"id": "VHN-133927"
},
{
"db": "VULMON",
"id": "CVE-2018-3896"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3896",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0570",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-20130",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133927",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3896",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULHUB",
"id": "VHN-133927"
},
{
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"id": "VAR-201809-1070",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULHUB",
"id": "VHN-133927"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
}
]
},
"last_update_date": "2023-12-26T23:00:09.098000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-20130)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/141309"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=84736"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133927"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3896"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3896"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULHUB",
"id": "VHN-133927"
},
{
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"db": "VULHUB",
"id": "VHN-133927"
},
{
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-133927"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"date": "2018-09-10T15:29:04.467000",
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20130"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133927"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3896"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010015"
},
{
"date": "2022-12-02T22:59:35.823000",
"db": "NVD",
"id": "CVE-2018-3896"
},
{
"date": "2022-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub Buffer error vulnerability in some firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010015"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-452"
}
],
"trust": 0.6
}
}
VAR-201808-0916
Vulnerability from variot - Updated: 2023-12-26 23:00An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. field
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0916",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "smartthings hub sth-eth-250-",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3893"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3893",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3893",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14287",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133924",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3893",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3893",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3893",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14287",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1963",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133924",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3893",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULHUB",
"id": "VHN-133924"
},
{
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. field",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULHUB",
"id": "VHN-133924"
},
{
"db": "VULMON",
"id": "CVE-2018-3893"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3893",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0570",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14287",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133924",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3893",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULHUB",
"id": "VHN-133924"
},
{
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"id": "VAR-201808-0916",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULHUB",
"id": "VHN-133924"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
}
]
},
"last_update_date": "2023-12-26T23:00:09.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14287)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135925"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82702"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133924"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3893"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3893"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULHUB",
"id": "VHN-133924"
},
{
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"db": "VULHUB",
"id": "VHN-133924"
},
{
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"date": "2018-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-133924"
},
{
"date": "2018-08-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"date": "2018-12-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"date": "2018-08-27T15:29:00.917000",
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14287"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133924"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3893"
},
{
"date": "2018-12-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009978"
},
{
"date": "2022-12-02T22:58:31.027000",
"db": "NVD",
"id": "CVE-2018-3893"
},
{
"date": "2022-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009978"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1963"
}
],
"trust": 0.6
}
}
VAR-201808-0917
Vulnerability from variot - Updated: 2023-12-26 23:00An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0917",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3895"
}
]
},
"cve": "CVE-2018-3895",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3895",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17069",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133926",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3895",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3895",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3895",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-17069",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-868",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133926",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3895",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULHUB",
"id": "VHN-133926"
},
{
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long \u0027endTime\u0027 value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULHUB",
"id": "VHN-133926"
},
{
"db": "VULMON",
"id": "CVE-2018-3895"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3895",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0570",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17069",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133926",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3895",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULHUB",
"id": "VHN-133926"
},
{
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"id": "VAR-201808-0917",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULHUB",
"id": "VHN-133926"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
}
]
},
"last_update_date": "2023-12-26T23:00:09.030000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmarThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHub Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139003"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=84318"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133926"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3895"
},
{
"trust": 1.8,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3895"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULHUB",
"id": "VHN-133926"
},
{
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"db": "VULHUB",
"id": "VHN-133926"
},
{
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"date": "2018-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-133926"
},
{
"date": "2018-08-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"date": "2018-08-28T19:29:19.113000",
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"date": "2018-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17069"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133926"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3895"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010253"
},
{
"date": "2022-12-02T22:59:23.323000",
"db": "NVD",
"id": "CVE-2018-3895"
},
{
"date": "2022-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010253"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-868"
}
],
"trust": 0.6
}
}
VAR-201809-1069
Vulnerability from variot - Updated: 2023-12-26 23:00An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1069",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3894"
}
]
},
"cve": "CVE-2018-3894",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3894",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20129",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133925",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3894",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3894",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3894",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-20129",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-1074",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133925",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3894",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULHUB",
"id": "VHN-133925"
},
{
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long \"startTime\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULHUB",
"id": "VHN-133925"
},
{
"db": "VULMON",
"id": "CVE-2018-3894"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3894",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0570",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20129",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133925",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3894",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULHUB",
"id": "VHN-133925"
},
{
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"id": "VAR-201809-1069",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULHUB",
"id": "VHN-133925"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
}
]
},
"last_update_date": "2023-12-26T23:00:08.996000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmarThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubSTH-ETH-250video-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-20129)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/141317"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=85133"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3894"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3894"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULHUB",
"id": "VHN-133925"
},
{
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"db": "VULHUB",
"id": "VHN-133925"
},
{
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-133925"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"date": "2018-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"date": "2018-09-21T15:29:00.780000",
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"date": "2018-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20129"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133925"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3894"
},
{
"date": "2018-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010908"
},
{
"date": "2022-12-02T23:01:48.667000",
"db": "NVD",
"id": "CVE-2018-3894"
},
{
"date": "2022-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010908"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1074"
}
],
"trust": 0.6
}
}
VAR-201809-1071
Vulnerability from variot - Updated: 2023-12-26 23:00An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "callbackUrl" value in order to exploit this vulnerability. Samsung SmartThings Hub Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. field
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3897"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3897",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3897",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14288",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133928",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3897",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3897",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3897",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14288",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1964",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133928",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3897",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULHUB",
"id": "VHN-133928"
},
{
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core\u0027s HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long \"callbackUrl\" value in order to exploit this vulnerability. Samsung SmartThings Hub Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. field",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULHUB",
"id": "VHN-133928"
},
{
"db": "VULMON",
"id": "CVE-2018-3897"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3897",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0570",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14288",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133928",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3897",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULHUB",
"id": "VHN-133928"
},
{
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"id": "VAR-201809-1071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULHUB",
"id": "VHN-133928"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
}
]
},
"last_update_date": "2023-12-26T23:00:08.961000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14288)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135923"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82703"
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3897"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3897"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0570"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice"
},
{
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULHUB",
"id": "VHN-133928"
},
{
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"db": "VULHUB",
"id": "VHN-133928"
},
{
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-133928"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"date": "2018-09-10T15:29:04.653000",
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14288"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133928"
},
{
"date": "2022-12-02T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3897"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010016"
},
{
"date": "2022-12-02T22:59:57.817000",
"db": "NVD",
"id": "CVE-2018-3897"
},
{
"date": "2022-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub Buffer error vulnerability in some firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010016"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1964"
}
],
"trust": 0.6
}
}
VAR-201808-0896
Vulnerability from variot - Updated: 2023-12-18 14:05An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. The camera ID of the 'sync' operation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0896",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250-",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3918"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3918",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3918",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-17084",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-133949",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3918",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3918",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3918",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-17084",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1956",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133949",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "VULHUB",
"id": "VHN-133949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings\u0027 remote servers, which incorrectly handle camera IDs for the \u0027sync\u0027 operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. The camera ID of the \u0027sync\u0027 operation",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "VULHUB",
"id": "VHN-133949"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0582",
"trust": 3.1
},
{
"db": "NVD",
"id": "CVE-2018-3918",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17084",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97454",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133949",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "VULHUB",
"id": "VHN-133949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"id": "VAR-201808-0896",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "VULHUB",
"id": "VHN-133949"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
}
]
},
"last_update_date": "2023-12-18T14:05:20.549000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "SamsungSmartThingsHub denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139087"
},
{
"title": "Samsung SmartThings Hub Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82695"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-707",
"trust": 1.9
},
{
"problemtype": "CWE-264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0582"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3918"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3918"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0582"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "VULHUB",
"id": "VHN-133949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"db": "VULHUB",
"id": "VHN-133949"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"date": "2018-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-133949"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"date": "2018-08-27T15:29:01.137000",
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17084"
},
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133949"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010072"
},
{
"date": "2023-05-16T11:13:47.367000",
"db": "NVD",
"id": "CVE-2018-3918"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 - Firmware Vulnerable to improper enforcement of messages or data structures",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010072"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1956"
}
],
"trust": 0.6
}
}
VAR-201808-0910
Vulnerability from variot - Updated: 2023-12-18 14:01An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0910",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3867"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3867",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3867",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14291",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133898",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3867",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3867",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3867",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14291",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1967",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133898",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3867",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "VULHUB",
"id": "VHN-133898"
},
{
"db": "VULMON",
"id": "CVE-2018-3867"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "VULHUB",
"id": "VHN-133898"
},
{
"db": "VULMON",
"id": "CVE-2018-3867"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3867",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0549",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14291",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97452",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133898",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3867",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "VULHUB",
"id": "VHN-133898"
},
{
"db": "VULMON",
"id": "CVE-2018-3867"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"id": "VAR-201808-0910",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "VULHUB",
"id": "VHN-133898"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
}
]
},
"last_update_date": "2023-12-18T14:01:09.561000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings",
"trust": 0.8,
"url": "https://www.samsung.com/us/smart-home/smartthings/"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14291)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135917"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82706"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133898"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0549"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3867"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3867"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0549"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "VULHUB",
"id": "VHN-133898"
},
{
"db": "VULMON",
"id": "CVE-2018-3867"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"db": "VULHUB",
"id": "VHN-133898"
},
{
"db": "VULMON",
"id": "CVE-2018-3867"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133898"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3867"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"date": "2018-08-23T15:29:00.757000",
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14291"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133898"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3867"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009272"
},
{
"date": "2023-04-26T18:39:05.247000",
"db": "NVD",
"id": "CVE-2018-3867"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Device firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009272"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1967"
}
],
"trust": 0.6
}
}
VAR-201808-0897
Vulnerability from variot - Updated: 2023-12-18 13:56An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0897",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3919"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3919",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3919",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-14285",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133950",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3919",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3919",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3919",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-14285",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1959",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133950",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3919",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "VULHUB",
"id": "VHN-133950"
},
{
"db": "VULMON",
"id": "CVE-2018-3919"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the \"clips\" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "VULHUB",
"id": "VHN-133950"
},
{
"db": "VULMON",
"id": "CVE-2018-3919"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3919",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0583",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14285",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97451",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133950",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3919",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "VULHUB",
"id": "VHN-133950"
},
{
"db": "VULMON",
"id": "CVE-2018-3919"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"id": "VAR-201808-0897",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "VULHUB",
"id": "VHN-133950"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
}
]
},
"last_update_date": "2023-12-18T13:56:56.405000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14285)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135929"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82698"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133950"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0583"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3919"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3919"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0583"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "VULHUB",
"id": "VHN-133950"
},
{
"db": "VULMON",
"id": "CVE-2018-3919"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"db": "VULHUB",
"id": "VHN-133950"
},
{
"db": "VULMON",
"id": "CVE-2018-3919"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133950"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3919"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"date": "2018-08-23T15:29:01.647000",
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14285"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133950"
},
{
"date": "2023-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3919"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009515"
},
{
"date": "2023-05-19T16:50:21.370000",
"db": "NVD",
"id": "CVE-2018-3919"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Device buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009515"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1959"
}
],
"trust": 0.6
}
}
VAR-201808-0918
Vulnerability from variot - Updated: 2023-12-18 13:56An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0918",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3902"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3902",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3902",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14286",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133933",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3902",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3902",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3902",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14286",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1960",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133933",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3902",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "VULHUB",
"id": "VHN-133933"
},
{
"db": "VULMON",
"id": "CVE-2018-3902"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the camera \"replace\" feature of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "VULHUB",
"id": "VHN-133933"
},
{
"db": "VULMON",
"id": "CVE-2018-3902"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0573",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2018-3902",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14286",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97436",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133933",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3902",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "VULHUB",
"id": "VHN-133933"
},
{
"db": "VULMON",
"id": "CVE-2018-3902"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"id": "VAR-201808-0918",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "VULHUB",
"id": "VHN-133933"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
}
]
},
"last_update_date": "2023-12-18T13:56:56.372000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14286)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135927"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82699"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133933"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0573"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3902"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3902"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0573"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "VULHUB",
"id": "VHN-133933"
},
{
"db": "VULMON",
"id": "CVE-2018-3902"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"db": "VULHUB",
"id": "VHN-133933"
},
{
"db": "VULMON",
"id": "CVE-2018-3902"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133933"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3902"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"date": "2018-08-23T15:29:01.100000",
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14286"
},
{
"date": "2023-02-04T00:00:00",
"db": "VULHUB",
"id": "VHN-133933"
},
{
"date": "2023-02-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3902"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009478"
},
{
"date": "2023-02-04T01:29:39.673000",
"db": "NVD",
"id": "CVE-2018-3902"
},
{
"date": "2023-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1960"
}
],
"trust": 0.6
}
}
VAR-201808-0892
Vulnerability from variot - Updated: 2023-12-18 13:38An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 firmware Contains a command injection vulnerability and an argument insertion or modification vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0892",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3856"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3856",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3856",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2018-15901",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133887",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3856",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3856",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3856",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-15901",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1947",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133887",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3856",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "VULHUB",
"id": "VHN-133887"
},
{
"db": "VULMON",
"id": "CVE-2018-3856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 firmware Contains a command injection vulnerability and an argument insertion or modification vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "VULHUB",
"id": "VHN-133887"
},
{
"db": "VULMON",
"id": "CVE-2018-3856"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0539",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2018-3856",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-15901",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97440",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133887",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3856",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "VULHUB",
"id": "VHN-133887"
},
{
"db": "VULMON",
"id": "CVE-2018-3856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"id": "VAR-201808-0892",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "VULHUB",
"id": "VHN-133887"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
}
]
},
"last_update_date": "2023-12-18T13:38:32.305000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "SamsungSmartThingsHub command to inject vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/138013"
},
{
"title": "Samsung SmartThings Hub Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82686"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-88",
"trust": 1.9
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133887"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0539"
},
{
"trust": 1.2,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0539"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3856"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3856"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/88.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "VULHUB",
"id": "VHN-133887"
},
{
"db": "VULMON",
"id": "CVE-2018-3856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "VULHUB",
"id": "VHN-133887"
},
{
"db": "VULMON",
"id": "CVE-2018-3856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133887"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3856"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"date": "2018-08-23T22:29:00.243000",
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"date": "2022-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-133887"
},
{
"date": "2022-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3856"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009457"
},
{
"date": "2022-12-03T14:20:26.393000",
"db": "NVD",
"id": "CVE-2018-3856"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub Command Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15901"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "parameter injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1947"
}
],
"trust": 0.6
}
}
VAR-201808-0913
Vulnerability from variot - Updated: 2023-12-18 13:38An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device includes SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. An injection vulnerability exists in the credentials-handler of the video-coreHTTP server in SamsungSmartThingsHub. The vulnerability stems from the program not correctly parsing the JSON payload controlled by the user. An attacker can use the vulnerability to execute arbitrary SQL queries in the context of a video-core process by sending an HTTP request to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0913",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3879"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3879",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-3879",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17079",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-133910",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3879",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3879",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3879",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-17079",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1961",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133910",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "VULHUB",
"id": "VHN-133910"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable JSON injection vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device includes SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. An injection vulnerability exists in the credentials-handler of the video-coreHTTP server in SamsungSmartThingsHub. The vulnerability stems from the program not correctly parsing the JSON payload controlled by the user. An attacker can use the vulnerability to execute arbitrary SQL queries in the context of a video-core process by sending an HTTP request to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "VULHUB",
"id": "VHN-133910"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3879",
"trust": 3.1
},
{
"db": "TALOS",
"id": "TALOS-2018-0556",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17079",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97441",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133910",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "VULHUB",
"id": "VHN-133910"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"id": "VAR-201808-0913",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "VULHUB",
"id": "VHN-133910"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
}
]
},
"last_update_date": "2023-12-18T13:38:32.274000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "SamsungSmartThingsHubvideo-coreHTTP server injection vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139065"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server injection vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82700"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133910"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0556"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3879"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3879"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0556"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "VULHUB",
"id": "VHN-133910"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"db": "VULHUB",
"id": "VHN-133910"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133910"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"date": "2018-08-23T15:29:00.990000",
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17079"
},
{
"date": "2018-10-26T00:00:00",
"db": "VULHUB",
"id": "VHN-133910"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009528"
},
{
"date": "2023-05-19T16:50:01.493000",
"db": "NVD",
"id": "CVE-2018-3879"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 In the device SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009528"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1961"
}
],
"trust": 0.6
}
}
VAR-201808-0919
Vulnerability from variot - Updated: 2023-12-18 13:33On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long "url" value in order to overwrite the saved-PC with 0x42424242. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. A buffer overflow vulnerability exists in the camera 'update' feature of the video-coreHTTP server in SamsungSmartThingsHub. This vulnerability stems from the video-core process failing to properly extract the fields in the JSON payload controlled by the user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0919",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3903"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3903",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3903",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17077",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133934",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3903",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3903",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3903",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-17077",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1944",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133934",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3903",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULHUB",
"id": "VHN-133934"
},
{
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long \"url\" value in order to overwrite the saved-PC with 0x42424242. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. A buffer overflow vulnerability exists in the camera \u0027update\u0027 feature of the video-coreHTTP server in SamsungSmartThingsHub. This vulnerability stems from the video-core process failing to properly extract the fields in the JSON payload controlled by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULHUB",
"id": "VHN-133934"
},
{
"db": "VULMON",
"id": "CVE-2018-3903"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0574",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2018-3903",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17077",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133934",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3903",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULHUB",
"id": "VHN-133934"
},
{
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"id": "VAR-201808-0919",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULHUB",
"id": "VHN-133934"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
}
]
},
"last_update_date": "2023-12-18T13:33:43.428000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-17077)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139057"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82683"
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133934"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0574"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3903"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3903"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0574"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULHUB",
"id": "VHN-133934"
},
{
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"db": "VULHUB",
"id": "VHN-133934"
},
{
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133934"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"date": "2018-08-23T15:29:01.210000",
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17077"
},
{
"date": "2018-10-26T00:00:00",
"db": "VULHUB",
"id": "VHN-133934"
},
{
"date": "2023-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3903"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009479"
},
{
"date": "2023-05-16T11:09:30.940000",
"db": "NVD",
"id": "CVE-2018-3903"
},
{
"date": "2023-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009479"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1944"
}
],
"trust": 0.6
}
}
VAR-201808-0920
Vulnerability from variot - Updated: 2023-12-18 13:33An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0920",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250-",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3904"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3904",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3904",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17076",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133935",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3904",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3904",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3904",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-17076",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1945",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133935",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3904",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULHUB",
"id": "VHN-133935"
},
{
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the camera \u0027update\u0027 feature of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULHUB",
"id": "VHN-133935"
},
{
"db": "VULMON",
"id": "CVE-2018-3904"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0574",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2018-3904",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17076",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133935",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3904",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULHUB",
"id": "VHN-133935"
},
{
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"id": "VAR-201808-0920",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULHUB",
"id": "VHN-133935"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
}
]
},
"last_update_date": "2023-12-18T13:33:43.459000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-17076)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139055"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82684"
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133935"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0574"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3904"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3904"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0574"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULHUB",
"id": "VHN-133935"
},
{
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"db": "VULHUB",
"id": "VHN-133935"
},
{
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"date": "2018-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-133935"
},
{
"date": "2018-08-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"date": "2018-12-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"date": "2018-08-27T15:29:01.027000",
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17076"
},
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133935"
},
{
"date": "2023-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3904"
},
{
"date": "2018-12-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009977"
},
{
"date": "2023-05-16T11:13:40.870000",
"db": "NVD",
"id": "CVE-2018-3904"
},
{
"date": "2023-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009977"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1945"
}
],
"trust": 0.6
}
}
VAR-201809-1064
Vulnerability from variot - Updated: 2023-12-18 13:33An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long "directory" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsung SmartThings Hub STH-ETH-250 is a smart home management device from Samsung. video-core HTTP server is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3877"
}
]
},
"cve": "CVE-2018-3877",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3877",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133908",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3877",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3877",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3877",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-3877",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-1079",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133908",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3877",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133908"
},
{
"db": "VULMON",
"id": "CVE-2018-3877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long \"directory\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Samsung SmartThings Hub STH-ETH-250 is a smart home management device from Samsung. video-core HTTP server is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "VULHUB",
"id": "VHN-133908"
},
{
"db": "VULMON",
"id": "CVE-2018-3877"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0555",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2018-3877",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-133908",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3877",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133908"
},
{
"db": "VULMON",
"id": "CVE-2018-3877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"id": "VAR-201809-1064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-133908"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:33:42.095000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=85134"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3877"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3877"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133908"
},
{
"db": "VULMON",
"id": "CVE-2018-3877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-133908"
},
{
"db": "VULMON",
"id": "CVE-2018-3877"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-133908"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3877"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"date": "2018-09-21T14:29:00.600000",
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"date": "2018-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133908"
},
{
"date": "2023-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3877"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010109"
},
{
"date": "2023-05-19T16:49:58.283000",
"db": "NVD",
"id": "CVE-2018-3877"
},
{
"date": "2023-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250-Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010109"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1079"
}
],
"trust": 0.6
}
}
VAR-201809-1062
Vulnerability from variot - Updated: 2023-12-18 13:33An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy overflows the destination buffer, which has a size of 2,000 bytes. An attacker can send an arbitrarily long "sessionToken" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1062",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3875"
}
]
},
"cve": "CVE-2018-3875",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3875",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20124",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133906",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3875",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3875",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3875",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-3875",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-20124",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-442",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133906",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3875",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "VULHUB",
"id": "VHN-133906"
},
{
"db": "VULMON",
"id": "CVE-2018-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy overflows the destination buffer, which has a size of 2,000 bytes. An attacker can send an arbitrarily long \"sessionToken\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "VULHUB",
"id": "VHN-133906"
},
{
"db": "VULMON",
"id": "CVE-2018-3875"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3875",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0555",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20124",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133906",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3875",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "VULHUB",
"id": "VHN-133906"
},
{
"db": "VULMON",
"id": "CVE-2018-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"id": "VAR-201809-1062",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "VULHUB",
"id": "VHN-133906"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
}
]
},
"last_update_date": "2023-12-18T13:33:42.226000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubSTH-ETH-250video-coreHTTP Server Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/141293"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=84730"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133906"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3875"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3875"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "VULHUB",
"id": "VHN-133906"
},
{
"db": "VULMON",
"id": "CVE-2018-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"db": "VULHUB",
"id": "VHN-133906"
},
{
"db": "VULMON",
"id": "CVE-2018-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-133906"
},
{
"date": "2018-09-10T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3875"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"date": "2018-09-10T19:29:00.500000",
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20124"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-133906"
},
{
"date": "2023-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3875"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010017"
},
{
"date": "2023-05-19T16:49:55.027000",
"db": "NVD",
"id": "CVE-2018-3875"
},
{
"date": "2023-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250-Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010017"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-442"
}
],
"trust": 0.6
}
}
VAR-201809-1063
Vulnerability from variot - Updated: 2023-12-18 13:33An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3876"
}
]
},
"cve": "CVE-2018-3876",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3876",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20132",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133907",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3876",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3876",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3876",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-20132",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-1080",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133907",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3876",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULHUB",
"id": "VHN-133907"
},
{
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long \"bucket\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULHUB",
"id": "VHN-133907"
},
{
"db": "VULMON",
"id": "CVE-2018-3876"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3876",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0555",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20132",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133907",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3876",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULHUB",
"id": "VHN-133907"
},
{
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"id": "VAR-201809-1063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULHUB",
"id": "VHN-133907"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
}
]
},
"last_update_date": "2023-12-18T13:33:42.156000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubSTH-ETH-250video-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-20132)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/141321"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=85135"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2018-3876 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133907"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3876"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3876"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2018-3876"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULHUB",
"id": "VHN-133907"
},
{
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"db": "VULHUB",
"id": "VHN-133907"
},
{
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-133907"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"date": "2018-09-21T14:29:00.477000",
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"date": "2018-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20132"
},
{
"date": "2023-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-133907"
},
{
"date": "2023-02-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3876"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010108"
},
{
"date": "2023-02-03T02:42:10.700000",
"db": "NVD",
"id": "CVE-2018-3876"
},
{
"date": "2023-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250-Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010108"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1080"
}
],
"trust": 0.6
}
}
VAR-201809-1061
Vulnerability from variot - Updated: 2023-12-18 13:33An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3874"
}
]
},
"cve": "CVE-2018-3874",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3874",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-19870",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133905",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3874",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3874",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3874",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-3874",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-19870",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-1081",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133905",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3874",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "VULHUB",
"id": "VHN-133905"
},
{
"db": "VULMON",
"id": "CVE-2018-3874"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long \"accessKey\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "VULHUB",
"id": "VHN-133905"
},
{
"db": "VULMON",
"id": "CVE-2018-3874"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3874",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0555",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-19870",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133905",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3874",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "VULHUB",
"id": "VHN-133905"
},
{
"db": "VULMON",
"id": "CVE-2018-3874"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"id": "VAR-201809-1061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "VULHUB",
"id": "VHN-133905"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
}
]
},
"last_update_date": "2023-12-18T13:33:42.123000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubSTH-ETH-250video-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-19870)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/141103"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=85136"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3874"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3874"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "VULHUB",
"id": "VHN-133905"
},
{
"db": "VULMON",
"id": "CVE-2018-3874"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"db": "VULHUB",
"id": "VHN-133905"
},
{
"db": "VULMON",
"id": "CVE-2018-3874"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-133905"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3874"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"date": "2018-09-21T14:29:00.380000",
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"date": "2018-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19870"
},
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133905"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3874"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010107"
},
{
"date": "2023-04-26T18:54:05.307000",
"db": "NVD",
"id": "CVE-2018-3874"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250-Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010107"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1081"
}
],
"trust": 0.6
}
}
VAR-201808-0912
Vulnerability from variot - Updated: 2023-12-18 13:33Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. A strncpy overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long "region" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. A buffer overflow vulnerability exists in the video-coreHTTPserver's credentialshandler in SamsungSmartThingsHub
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0912",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub video-core http server",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3878"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3878",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3878",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-15899",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133909",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3878",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3878",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3878",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-15899",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1949",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133909",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3878",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "VULHUB",
"id": "VHN-133909"
},
{
"db": "VULMON",
"id": "CVE-2018-3878"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. A strncpy overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long \"region\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. A buffer overflow vulnerability exists in the video-coreHTTPserver\u0027s credentialshandler in SamsungSmartThingsHub",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "VULHUB",
"id": "VHN-133909"
},
{
"db": "VULMON",
"id": "CVE-2018-3878"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3878",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0555",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-15899",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133909",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3878",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "VULHUB",
"id": "VHN-133909"
},
{
"db": "VULMON",
"id": "CVE-2018-3878"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"id": "VAR-201808-0912",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "VULHUB",
"id": "VHN-133909"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
}
]
},
"last_update_date": "2023-12-18T13:33:42.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-15899)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/137999"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82688"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133909"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3878"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3878"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "VULHUB",
"id": "VHN-133909"
},
{
"db": "VULMON",
"id": "CVE-2018-3878"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"db": "VULHUB",
"id": "VHN-133909"
},
{
"db": "VULMON",
"id": "CVE-2018-3878"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133909"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3878"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"date": "2018-08-23T15:29:00.867000",
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15899"
},
{
"date": "2018-10-26T00:00:00",
"db": "VULHUB",
"id": "VHN-133909"
},
{
"date": "2023-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3878"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009477"
},
{
"date": "2023-05-19T16:50:10.250000",
"db": "NVD",
"id": "CVE-2018-3878"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009477"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1949"
}
],
"trust": 0.6
}
}
VAR-201809-1060
Vulnerability from variot - Updated: 2023-12-18 13:33An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. This vulnerability stems from the fact that the video-core process failed to properly extract the fields in the JSON payload controlled by the user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1060",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub video-core http server",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3873"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3873",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3873",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2018-15900",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133904",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3873",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3873",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3873",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-3873",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-15900",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1948",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133904",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3873",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "VULHUB",
"id": "VHN-133904"
},
{
"db": "VULMON",
"id": "CVE-2018-3873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long \"secretKey\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250-Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. This vulnerability stems from the fact that the video-core process failed to properly extract the fields in the JSON payload controlled by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "VULHUB",
"id": "VHN-133904"
},
{
"db": "VULMON",
"id": "CVE-2018-3873"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3873",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0555",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-15900",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133904",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3873",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "VULHUB",
"id": "VHN-133904"
},
{
"db": "VULMON",
"id": "CVE-2018-3873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"id": "VAR-201809-1060",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "VULHUB",
"id": "VHN-133904"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
}
]
},
"last_update_date": "2023-12-18T13:33:42.195000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-15900)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/138007"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82687"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133904"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3873"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3873"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0555"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "VULHUB",
"id": "VHN-133904"
},
{
"db": "VULMON",
"id": "CVE-2018-3873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"db": "VULHUB",
"id": "VHN-133904"
},
{
"db": "VULMON",
"id": "CVE-2018-3873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-133904"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3873"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"date": "2018-09-21T14:29:00.270000",
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15900"
},
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133904"
},
{
"date": "2023-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3873"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010106"
},
{
"date": "2023-05-19T16:49:45.340000",
"db": "NVD",
"id": "CVE-2018-3873"
},
{
"date": "2023-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250-Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010106"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1948"
}
],
"trust": 0.6
}
}
VAR-201808-0911
Vulnerability from variot - Updated: 2023-12-18 13:28An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. ### Tested Versions Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17 ### Product URLs https://www.smartthings.com/products/smartthings-hub ### CVSSv3 Score 9.9 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H ### CWE CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ### Details Samsung produces a series of devices aimed at controlling and monitoring a home, such as wall switches, LED bulbs, thermostats and cameras. One of those is the Samsung SmartThings Hub, a central controller which allows an end user to use their..
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0911",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3872"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3872",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3872",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14280",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133903",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3872",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3872",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3872",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14280",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1950",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133903",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3872",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULHUB",
"id": "VHN-133903"
},
{
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the credentials handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. ### Tested Versions Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17 ### Product URLs [https://www.smartthings.com/products/smartthings-hub](https://www.smartthings.com/products/smartthings-hub) ### CVSSv3 Score 9.9 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H ### CWE CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) ### Details Samsung produces a series of devices aimed at controlling and monitoring a home, such as wall switches, LED bulbs, thermostats and cameras. One of those is the Samsung SmartThings Hub, a central controller which allows an end user to use their..",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULHUB",
"id": "VHN-133903"
},
{
"db": "VULMON",
"id": "CVE-2018-3872"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3872",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0554",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-14280",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97456",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133903",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3872",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULHUB",
"id": "VHN-133903"
},
{
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"id": "VAR-201808-0911",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULHUB",
"id": "VHN-133903"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
}
]
},
"last_update_date": "2023-12-18T13:28:48.472000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14280)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135943"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82689"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2018-3872 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133903"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0554"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3872"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3872"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0554"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2018-3872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULHUB",
"id": "VHN-133903"
},
{
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"db": "VULHUB",
"id": "VHN-133903"
},
{
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133903"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"date": "2018-08-23T22:29:00.477000",
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14280"
},
{
"date": "2022-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-133903"
},
{
"date": "2022-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3872"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009553"
},
{
"date": "2022-12-13T15:04:22.593000",
"db": "NVD",
"id": "CVE-2018-3872"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 - Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009553"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1950"
}
],
"trust": 0.6
}
}
VAR-201808-0921
Vulnerability from variot - Updated: 2023-12-18 13:23An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the "state" field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. ' field
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0921",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3905"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3905",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3905",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-17075",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133936",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3905",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3905",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3905",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-17075",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1946",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133936",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3905",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULHUB",
"id": "VHN-133936"
},
{
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the camera \"create\" feature of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the \"state\" field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. \u0027 field",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULHUB",
"id": "VHN-133936"
},
{
"db": "VULMON",
"id": "CVE-2018-3905"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0575",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2018-3905",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17075",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97453",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133936",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3905",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULHUB",
"id": "VHN-133936"
},
{
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"id": "VAR-201808-0921",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULHUB",
"id": "VHN-133936"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
}
]
},
"last_update_date": "2023-12-18T13:23:58.407000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings",
"trust": 0.8,
"url": "https://www.samsung.com/us/smart-home/smartthings/"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-17075)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139047"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82685"
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133936"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0575"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3905"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3905"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0575"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULHUB",
"id": "VHN-133936"
},
{
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"db": "VULHUB",
"id": "VHN-133936"
},
{
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133936"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"date": "2018-08-23T15:29:01.333000",
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17075"
},
{
"date": "2018-10-22T00:00:00",
"db": "VULHUB",
"id": "VHN-133936"
},
{
"date": "2023-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3905"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009273"
},
{
"date": "2023-05-16T11:10:27.970000",
"db": "NVD",
"id": "CVE-2018-3905"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Device firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009273"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1946"
}
],
"trust": 0.6
}
}
VAR-201808-0909
Vulnerability from variot - Updated: 2023-12-18 13:02An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long 'callbackUrl' value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. samsungWifiScanhandler is one of the WiFi network discovery handlers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0909",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3866"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3866",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3866",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14293",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133897",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3866",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3866",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3866",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14293",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1969",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133897",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3866",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "VULHUB",
"id": "VHN-133897"
},
{
"db": "VULMON",
"id": "CVE-2018-3866"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long \u0027callbackUrl\u0027 value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. samsungWifiScanhandler is one of the WiFi network discovery handlers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "VULHUB",
"id": "VHN-133897"
},
{
"db": "VULMON",
"id": "CVE-2018-3866"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3866",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0548",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14293",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133897",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3866",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "VULHUB",
"id": "VHN-133897"
},
{
"db": "VULMON",
"id": "CVE-2018-3866"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"id": "VAR-201808-0909",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "VULHUB",
"id": "VHN-133897"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
}
]
},
"last_update_date": "2023-12-18T13:02:31.006000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135911"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82708"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0548"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3866"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3866"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0548"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "VULHUB",
"id": "VHN-133897"
},
{
"db": "VULMON",
"id": "CVE-2018-3866"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"db": "VULHUB",
"id": "VHN-133897"
},
{
"db": "VULMON",
"id": "CVE-2018-3866"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133897"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3866"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"date": "2018-08-23T22:29:00.370000",
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14293"
},
{
"date": "2018-10-29T00:00:00",
"db": "VULHUB",
"id": "VHN-133897"
},
{
"date": "2023-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3866"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009552"
},
{
"date": "2023-05-16T11:12:16.177000",
"db": "NVD",
"id": "CVE-2018-3866"
},
{
"date": "2023-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 - Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009552"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1969"
}
],
"trust": 0.6
}
}
VAR-201808-0908
Vulnerability from variot - Updated: 2023-12-18 13:02On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. A strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "user" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. samsungWifiScanhandler is one of the WiFi network discovery handlers. A buffer overflow vulnerability exists in the samsungWifiScanhandler of the video-coreHTTP server in SamsungSmartThingsHub. This vulnerability stems from the fact that the video-core process failed to properly extract the fields in the JSON payload controlled by the user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0908",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3863"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3863",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3863",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14292",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133894",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.9,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3863",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3863",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3863",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14292",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1968",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133894",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-3863",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "VULHUB",
"id": "VHN-133894"
},
{
"db": "VULMON",
"id": "CVE-2018-3863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. A strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long \"user\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. samsungWifiScanhandler is one of the WiFi network discovery handlers. A buffer overflow vulnerability exists in the samsungWifiScanhandler of the video-coreHTTP server in SamsungSmartThingsHub. This vulnerability stems from the fact that the video-core process failed to properly extract the fields in the JSON payload controlled by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "VULHUB",
"id": "VHN-133894"
},
{
"db": "VULMON",
"id": "CVE-2018-3863"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3863",
"trust": 3.2
},
{
"db": "TALOS",
"id": "TALOS-2018-0548",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14292",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133894",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3863",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "VULHUB",
"id": "VHN-133894"
},
{
"db": "VULMON",
"id": "CVE-2018-3863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"id": "VAR-201808-0908",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "VULHUB",
"id": "VHN-133894"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
}
]
},
"last_update_date": "2023-12-18T13:02:31.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14292)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135915"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82707"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133894"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0548"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3863"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3863"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0548"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "VULHUB",
"id": "VHN-133894"
},
{
"db": "VULMON",
"id": "CVE-2018-3863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"db": "VULHUB",
"id": "VHN-133894"
},
{
"db": "VULMON",
"id": "CVE-2018-3863"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-133894"
},
{
"date": "2018-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3863"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"date": "2018-08-23T15:29:00.647000",
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14292"
},
{
"date": "2018-10-26T00:00:00",
"db": "VULHUB",
"id": "VHN-133894"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3863"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009476"
},
{
"date": "2023-04-26T18:38:45.337000",
"db": "NVD",
"id": "CVE-2018-3863"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1968"
}
],
"trust": 0.6
}
}
VAR-201809-1058
Vulnerability from variot - Updated: 2023-12-18 13:02An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3864"
}
]
},
"cve": "CVE-2018-3864",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3864",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-19739",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133895",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3864",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3864",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3864",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-19739",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-955",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133895",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "VULHUB",
"id": "VHN-133895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long \"password\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "VULHUB",
"id": "VHN-133895"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3864",
"trust": 3.1
},
{
"db": "TALOS",
"id": "TALOS-2018-0548",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-19739",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133895",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "VULHUB",
"id": "VHN-133895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"id": "VAR-201809-1058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "VULHUB",
"id": "VHN-133895"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
}
]
},
"last_update_date": "2023-12-18T13:02:31.037000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubSTH-ETH-250video-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-19739)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/140957"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=85070"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0548"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3864"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3864"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "VULHUB",
"id": "VHN-133895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"db": "VULHUB",
"id": "VHN-133895"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"date": "2018-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-133895"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"date": "2018-09-20T15:29:00.663000",
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"date": "2018-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19739"
},
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133895"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010104"
},
{
"date": "2023-05-16T11:14:43.867000",
"db": "NVD",
"id": "CVE-2018-3864"
},
{
"date": "2023-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 - Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010104"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-955"
}
],
"trust": 0.6
}
}
VAR-201809-1059
Vulnerability from variot - Updated: 2023-12-18 13:02An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "cameraIp" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1059",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3865"
}
]
},
"cve": "CVE-2018-3865",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3865",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20459",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-133896",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3865",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3865",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3865",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-20459",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-954",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133896",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "VULHUB",
"id": "VHN-133896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core\u0027s HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long \"cameraIp\" value in order to exploit this vulnerability. Samsung SmartThings Hub STH-ETH-250 - Firmware Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHubSTH-ETH-250 is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "VULHUB",
"id": "VHN-133896"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3865",
"trust": 3.1
},
{
"db": "TALOS",
"id": "TALOS-2018-0548",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20459",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133896",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "VULHUB",
"id": "VHN-133896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"id": "VAR-201809-1059",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "VULHUB",
"id": "VHN-133896"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
}
]
},
"last_update_date": "2023-12-18T13:02:30.977000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubSTH-ETH-250video-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-20459)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/141639"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=85069"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0548"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3865"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3865"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "VULHUB",
"id": "VHN-133896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"db": "VULHUB",
"id": "VHN-133896"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"date": "2018-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-133896"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"date": "2018-09-20T15:29:00.757000",
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"date": "2018-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20459"
},
{
"date": "2018-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-133896"
},
{
"date": "2018-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010105"
},
{
"date": "2023-04-26T18:56:43.027000",
"db": "NVD",
"id": "CVE-2018-3865"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 - Firmware Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010105"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-954"
}
],
"trust": 0.6
}
}
VAR-201809-1072
Vulnerability from variot - Updated: 2023-12-18 12:50An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3906"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3906",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-3906",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-14289",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-133937",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-3906",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3906",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3906",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-14289",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1965",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133937",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "VULHUB",
"id": "VHN-133937"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core\u0027s HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. Samsung SmartThings Hub Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "VULHUB",
"id": "VHN-133937"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3906",
"trust": 3.1
},
{
"db": "TALOS",
"id": "TALOS-2018-0576",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14289",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97446",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133937",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "VULHUB",
"id": "VHN-133937"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"id": "VAR-201809-1072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "VULHUB",
"id": "VHN-133937"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
}
]
},
"last_update_date": "2023-12-18T12:50:34.287000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmarThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14289)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135921"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82704"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133937"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0576"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3906"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3906"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0576"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "VULHUB",
"id": "VHN-133937"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"db": "VULHUB",
"id": "VHN-133937"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"date": "2018-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-133937"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"date": "2018-09-21T15:29:00.890000",
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14289"
},
{
"date": "2023-02-04T00:00:00",
"db": "VULHUB",
"id": "VHN-133937"
},
{
"date": "2018-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010686"
},
{
"date": "2023-02-04T01:27:32.870000",
"db": "NVD",
"id": "CVE-2018-3906"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010686"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1965"
}
],
"trust": 0.6
}
}
VAR-201808-0923
Vulnerability from variot - Updated: 2023-12-18 12:43An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0923",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3908"
}
]
},
"cve": "CVE-2018-3908",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3908",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17150",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-133939",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3908",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3908",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3908",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-17150",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-867",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133939",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "VULHUB",
"id": "VHN-133939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable vulnerability exists in the REST parser of video-core\u0027s HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "VULHUB",
"id": "VHN-133939"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0577",
"trust": 3.1
},
{
"db": "NVD",
"id": "CVE-2018-3908",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17150",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133939",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "VULHUB",
"id": "VHN-133939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"id": "VAR-201808-0923",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "VULHUB",
"id": "VHN-133939"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
}
]
},
"last_update_date": "2023-12-18T12:43:52.929000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmarThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "SamsungSmartThingsHubSTH-ETH-250video-coreHTTP server injection vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139195"
},
{
"title": "Samsung SmartThings Hub STH-ETH-250 video-core HTTP Server security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84317"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0577"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3908"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3908"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "VULHUB",
"id": "VHN-133939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"db": "VULHUB",
"id": "VHN-133939"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"date": "2018-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-133939"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"date": "2018-08-28T19:29:19.507000",
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"date": "2018-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17150"
},
{
"date": "2023-02-04T00:00:00",
"db": "VULHUB",
"id": "VHN-133939"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010254"
},
{
"date": "2023-02-04T01:24:26.483000",
"db": "NVD",
"id": "CVE-2018-3908"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 In firmware HTTP Request smuggling vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010254"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "environmental issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-867"
}
],
"trust": 0.6
}
}
VAR-201808-0922
Vulnerability from variot - Updated: 2023-12-18 12:43An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. A security vulnerability exists in the REST resolver for the video-coreHTTP server in SamsungSmartThingsHub, which stems from a program failing to properly handle requests that are transmitted in a pipeline
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0922",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.4,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3907"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3907",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3907",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-17151",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-133938",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 5.8,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3907",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3907",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3907",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-3907",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-17151",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1951",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-133938",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-3907",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "VULHUB",
"id": "VHN-133938"
},
{
"db": "VULMON",
"id": "CVE-2018-3907"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable vulnerability exists in the REST parser of video-core\u0027s HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, \u0027on_url\u0027 callback. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. A security vulnerability exists in the REST resolver for the video-coreHTTP server in SamsungSmartThingsHub, which stems from a program failing to properly handle requests that are transmitted in a pipeline",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "VULHUB",
"id": "VHN-133938"
},
{
"db": "VULMON",
"id": "CVE-2018-3907"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0577",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2018-3907",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17151",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133938",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3907",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "VULHUB",
"id": "VHN-133938"
},
{
"db": "VULMON",
"id": "CVE-2018-3907"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"id": "VAR-201808-0922",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "VULHUB",
"id": "VHN-133938"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
}
]
},
"last_update_date": "2023-12-18T12:43:52.958000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "SamsungSmartThingsHubvideo-coreHTTP server coverage vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139193"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=82690"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133938"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0577"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3907"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3907"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0577"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "VULHUB",
"id": "VHN-133938"
},
{
"db": "VULMON",
"id": "CVE-2018-3907"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"db": "VULHUB",
"id": "VHN-133938"
},
{
"db": "VULMON",
"id": "CVE-2018-3907"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"date": "2018-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133938"
},
{
"date": "2018-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3907"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"date": "2018-08-24T00:29:00.210000",
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17151"
},
{
"date": "2018-10-22T00:00:00",
"db": "VULHUB",
"id": "VHN-133938"
},
{
"date": "2023-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3907"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009305"
},
{
"date": "2023-05-16T11:13:15.893000",
"db": "NVD",
"id": "CVE-2018-3907"
},
{
"date": "2023-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 In firmware HTTP Request smuggling vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009305"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "environmental issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1951"
}
],
"trust": 0.6
}
}
VAR-201808-0924
Vulnerability from variot - Updated: 2023-12-18 12:43An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'onmessagecomplete' callback. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. A security vulnerability exists in the REST resolver for the video-coreHTTP server in SamsungSmartThingsHub, which stems from a program failing to properly handle requests that are transmitted in a pipeline
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0924",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 0.8,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3909"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3909",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3909",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-14281",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-133940",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3909",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3909",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3909",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-14281",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1952",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-133940",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "VULHUB",
"id": "VHN-133940"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable vulnerability exists in the REST parser of video-core\u0027s HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, \u0027onmessagecomplete\u0027 callback. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. video-coreHTTPserver is one of the HTTP servers. A security vulnerability exists in the REST resolver for the video-coreHTTP server in SamsungSmartThingsHub, which stems from a program failing to properly handle requests that are transmitted in a pipeline",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "VULHUB",
"id": "VHN-133940"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3909",
"trust": 3.1
},
{
"db": "TALOS",
"id": "TALOS-2018-0577",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-14281",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-133940",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "VULHUB",
"id": "VHN-133940"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"id": "VAR-201808-0924",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "VULHUB",
"id": "VHN-133940"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
}
]
},
"last_update_date": "2023-12-18T12:43:52.899000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "Patch for SamsungSmartThingsHubvideo-coreHTTP Server Buffer Overflow Vulnerability (CNVD-2018-14281)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/135941"
},
{
"title": "Samsung SmartThings Hub video-core HTTP Server Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82691"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133940"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0577"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3909"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3909"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0577"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "VULHUB",
"id": "VHN-133940"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"db": "VULHUB",
"id": "VHN-133940"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"date": "2018-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133940"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"date": "2018-08-24T00:29:00.317000",
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-14281"
},
{
"date": "2023-02-04T00:00:00",
"db": "VULHUB",
"id": "VHN-133940"
},
{
"date": "2018-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009306"
},
{
"date": "2023-02-04T01:25:51.220000",
"db": "NVD",
"id": "CVE-2018-3909"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 In firmware HTTP Request smuggling vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009306"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "environmental issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1952"
}
],
"trust": 0.6
}
}
VAR-201808-0903
Vulnerability from variot - Updated: 2023-12-18 12:43An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. Samsung SmartThings Hub is prone to a denial-of-service vulnerability. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Samsung SmartThings Hub STH-ETH-250 0.20.17 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0903",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sth-eth-250",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub sth-eth-250",
"scope": "eq",
"trust": 1.1,
"vendor": "samsung",
"version": "0.20.17"
},
{
"model": "smartthings hub",
"scope": null,
"trust": 0.6,
"vendor": "samsung",
"version": null
},
{
"model": "smartthings hub sth-eth-250-",
"scope": "eq",
"trust": 0.6,
"vendor": "samsung",
"version": "0.20.17"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "BID",
"id": "105162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3926"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Claudio Bozzato of Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3926",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3926",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-17085",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-133957",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.8,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-3926",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3926",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2018-3926",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-17085",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-1957",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133957",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "VULHUB",
"id": "VHN-133957"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability. SamsungSmartThingsHub is a smart home management device from South Korea\u0027s Samsung. Samsung SmartThings Hub is prone to a denial-of-service vulnerability. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. \nSamsung SmartThings Hub STH-ETH-250 0.20.17 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "BID",
"id": "105162"
},
{
"db": "VULHUB",
"id": "VHN-133957"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TALOS",
"id": "TALOS-2018-0593",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2018-3926",
"trust": 3.4
},
{
"db": "BID",
"id": "105162",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-17085",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-97445",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133957",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "VULHUB",
"id": "VHN-133957"
},
{
"db": "BID",
"id": "105162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"id": "VAR-201808-0903",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "VULHUB",
"id": "VHN-133957"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
}
]
},
"last_update_date": "2023-12-18T12:43:52.993000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartThings Hub",
"trust": 0.8,
"url": "https://www.smartthings.com/products/smartthings-hub"
},
{
"title": "SamsungSmartThingsHub Patch for Integer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/139091"
},
{
"title": "Samsung SmartThings Hub Fixes for digital error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82696"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-191",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133957"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0593"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105162"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3926"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3926"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0593"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "VULHUB",
"id": "VHN-133957"
},
{
"db": "BID",
"id": "105162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"db": "VULHUB",
"id": "VHN-133957"
},
{
"db": "BID",
"id": "105162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"date": "2018-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-133957"
},
{
"date": "2018-08-26T00:00:00",
"db": "BID",
"id": "105162"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"date": "2018-08-28T17:29:02.063000",
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"date": "2018-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-17085"
},
{
"date": "2023-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-133957"
},
{
"date": "2018-08-26T00:00:00",
"db": "BID",
"id": "105162"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010021"
},
{
"date": "2023-03-04T02:03:09.810000",
"db": "NVD",
"id": "CVE-2018-3926"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung SmartThings Hub STH-ETH-250 Firmware integer underflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010021"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-1957"
}
],
"trust": 0.6
}
}