Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by Xiongmai
CVE-2026-34005 (GCVE-0-2026-34005)
Vulnerability from cvelistv5 – Published: 2026-03-29 17:02 – Updated: 2026-03-30 14:19
VLAI
Summary
In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler, because system() is used.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Xiongmai | DVR/NVR devices |
Affected:
4.03.R11
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T14:19:13.856503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T14:19:23.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Sofia binary - hostname configuration handler"
],
"product": "DVR/NVR devices",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.03.R11",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler, because system() is used."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-29T17:09:28.999Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.xiongmaitech.com"
},
{
"url": "https://uky007.github.io/CVE-2026-34005/"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-34005",
"datePublished": "2026-03-29T17:02:15.445Z",
"dateReserved": "2026-03-25T05:22:12.479Z",
"dateUpdated": "2026-03-30T14:19:23.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3765 (GCVE-0-2024-3765)
Vulnerability from cvelistv5 – Published: 2024-04-14 23:00 – Updated: 2024-08-08 20:19
VLAI
Title
Xiongmai AHB7804R-MH-V2 Sofia Service access control
Summary
A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity
9.8 (Critical)
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Controls
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.260605 | vdb-entrytechnical-descriptionmitigation |
| https://vuldb.com/?ctiid.260605 | signaturepermissions-required |
| https://vuldb.com/?submit.311903 | third-party-advisory |
| https://github.com/netsecfish/xiongmai_incorrect_… | related |
| https://github.com/netsecfish/xiongmai_incorrect_… | exploit |
Impacted products
56 products
| Vendor | Product | Version | |
|---|---|---|---|
| Xiongmai | AHB7804R-MH-V2 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8004T-GL |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8008T-GL |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB7004T-GS-V3 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB7004T-MHV2 |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | AHB8032F-LME |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| Xiongmai | XM530_R80X30-PQ_8M |
Affected:
4.02.R11.24340142.10001.131900.00000
Affected: 4.02.R11.A8531149.10001.131900.00000 Affected: 4.02.R11.C6380171.11201.141900.00000 Affected: 4.03.R11.0000020X.11201.042300.0000005 Affected: 4.03.R11.4912720B.11201.142300.0000004 Affected: 4.03.R11.4912720D.11201.142300.0000004 Affected: 4.03.R11.4915714A.12201.142300.0000000 Affected: 5.00.R02.00030751.10010.348717.0000000 |
|
| xiongmaitech | ahb7804r-mh-v2_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
Affected: 4.02.r11.a8531149.10001.131900.00000 Affected: 4.02.r11.c6380171.11201.141900.00000 Affected: 4.03.r11.0000020x.11201.042300.0000005 Affected: 4.03.r11.4912720b.11201.142300.0000004 Affected: 4.03.r11.4912720d.11201.142300.0000004 Affected: 4.03.r11.4915714a.12201.142300.0000000 Affected: 5.00.r02.00030751.10010.348717.0000000 cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8008t-gl_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8004t-gl_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | xm530_r80x30-pq_8m_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-gs-v3_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb8032f-lme_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4915714a.12201.142300.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.a8531149.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4912720b.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.4912720d.11201.142300.0000004
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
5.00.r02.00030751.10010.348717.0000000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.c6380171.11201.141900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.03.r11.0000020x.11201.042300.0000005
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:* |
|
| xiongmaitech | ahb7004t-mhv2_firmware |
Affected:
4.02.r11.24340142.10001.131900.00000
cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:20:01.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-260605 | Xiongmai AHB7804R-MH-V2 Sofia Service access control",
"tags": [
"vdb-entry",
"technical-description",
"mitigation",
"x_transferred"
],
"url": "https://vuldb.com/?id.260605"
},
{
"name": "VDB-260605 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.260605"
},
{
"name": "Submit #311903 | Xiongmai AHB7804R-MH-V2, AHB8008T-GL, AHB8004T-GL, XM530_R80X30-PQ_8M, AHB7004T-GS-V3, AHB8032F-LME, AHB7004T-MHV2 V4.03.R11.4915714A.12201.142300.0000000, V4.02.R11.A8531149.10001.131900.00000, V4.03.R11.4912720B.11201.142300.0000004, V4.03.R Incorrect A",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.311903"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*",
"cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7804r-mh-v2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8008t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8008t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8004t-gl_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8004t-gl_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:xm530_r80x30-pq_8m_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xm530_r80x30-pq_8m_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-gs-v3_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb8032f-lme_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb8032f-lme_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4915714a.12201.142300.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4915714a.12201.142300.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.a8531149.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.a8531149.10001.131900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720b.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720b.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.4912720d.11201.142300.0000004:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.4912720d.11201.142300.0000004"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:5.00.r02.00030751.10010.348717.0000000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "5.00.r02.00030751.10010.348717.0000000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.c6380171.11201.141900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.c6380171.11201.141900.00000"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.03.r11.0000020x.11201.042300.0000005:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.03.r11.0000020x.11201.042300.0000005"
}
]
},
{
"cpes": [
"cpe:2.3:o:xiongmaitech:ahb7004t-mhv2_firmware:4.02.r11.24340142.10001.131900.00000:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ahb7004t-mhv2_firmware",
"vendor": "xiongmaitech",
"versions": [
{
"status": "affected",
"version": "4.02.r11.24340142.10001.131900.00000"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3765",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T13:40:05.259780Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T20:19:23.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Sofia Service"
],
"product": "AHB7804R-MH-V2",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8004T-GL",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8008T-GL",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB7004T-GS-V3",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB7004T-MHV2",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "AHB8032F-LME",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
},
{
"modules": [
"Sofia Service"
],
"product": "XM530_R80X30-PQ_8M",
"vendor": "Xiongmai",
"versions": [
{
"status": "affected",
"version": "4.02.R11.24340142.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.A8531149.10001.131900.00000"
},
{
"status": "affected",
"version": "4.02.R11.C6380171.11201.141900.00000"
},
{
"status": "affected",
"version": "4.03.R11.0000020X.11201.042300.0000005"
},
{
"status": "affected",
"version": "4.03.R11.4912720B.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4912720D.11201.142300.0000004"
},
{
"status": "affected",
"version": "4.03.R11.4915714A.12201.142300.0000000"
},
{
"status": "affected",
"version": "5.00.R02.00030751.10010.348717.0000000"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "netsecfish (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Service. The manipulation with the input ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260605 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht n\u00e4her bekannte Funktion der Komponente Sofia Service. Durch Manipulation mit der Eingabe ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0a mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-14T23:00:05.199Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-260605 | Xiongmai AHB7804R-MH-V2 Sofia Service access control",
"tags": [
"vdb-entry",
"technical-description",
"mitigation"
],
"url": "https://vuldb.com/?id.260605"
},
{
"name": "VDB-260605 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.260605"
},
{
"name": "Submit #311903 | Xiongmai AHB7804R-MH-V2, AHB8008T-GL, AHB8004T-GL, XM530_R80X30-PQ_8M, AHB7004T-GS-V3, AHB8032F-LME, AHB7004T-MHV2 V4.03.R11.4915714A.12201.142300.0000000, V4.02.R11.A8531149.10001.131900.00000, V4.03.R11.4912720B.11201.142300.0000004, V4.03.R Incorrect A",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.311903"
},
{
"tags": [
"related"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/netsecfish/xiongmai_incorrect_access_control/blob/main/pocCheck3-en.py"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-14T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-14T10:50:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "Xiongmai AHB7804R-MH-V2 Sofia Service access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3765",
"datePublished": "2024-04-14T23:00:05.199Z",
"dateReserved": "2024-04-14T08:43:42.949Z",
"dateUpdated": "2024-08-08T20:19:23.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}