Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
7 vulnerabilities by foxconn
VAR-201803-1761
Vulnerability from variot - Updated: 2023-12-18 14:01One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications. Foxconn femtocell FEMTO AP-FC4064-T Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoxconnfemtocellFEMTOAP-FC4064-T is a home base station device from Foxconn. A security vulnerability exists in FoxconnfemtocellFEMTOAP-FC4064-TAP_GT_B38_5.8.3lb15-W47LTEBuild15. An attacker could exploit the vulnerability to gain root privileges, control the system, and obtain user communications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1761",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ap-fc4064-t",
"scope": "eq",
"trust": 1.0,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47_lte"
},
{
"model": "femtocell femto ap-fc4064-t",
"scope": "eq",
"trust": 0.8,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47 lte build 15"
},
{
"model": "femtocell femto ap-fc4064-t ap gt b38 5.8.3lb15-w47 lte build",
"scope": "eq",
"trust": 0.6,
"vendor": "foxconn",
"version": "15"
},
{
"model": "femtocell femto ap-fc4064-t",
"scope": "eq",
"trust": 0.6,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47_lte"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6311"
}
]
},
"cve": "CVE-2018-6311",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-6311",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-06034",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-136343",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-6311",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-6311",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-06034",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-272",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-136343",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "VULHUB",
"id": "VHN-136343"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications. Foxconn femtocell FEMTO AP-FC4064-T Contains vulnerabilities related to security features.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoxconnfemtocellFEMTOAP-FC4064-T is a home base station device from Foxconn. A security vulnerability exists in FoxconnfemtocellFEMTOAP-FC4064-TAP_GT_B38_5.8.3lb15-W47LTEBuild15. An attacker could exploit the vulnerability to gain root privileges, control the system, and obtain user communications",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "VULHUB",
"id": "VHN-136343"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6311",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-272",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-06034",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136343",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "VULHUB",
"id": "VHN-136343"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"id": "VAR-201803-1761",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "VULHUB",
"id": "VHN-136343"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
}
]
},
"last_update_date": "2023-12-18T14:01:19.191000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foxconn.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136343"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "NVD",
"id": "CVE-2018-6311"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://gist.github.com/drmnsamoliu/cd1d6fa59501f161616686296aa4a6c8"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6311"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6311"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "VULHUB",
"id": "VHN-136343"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"db": "VULHUB",
"id": "VHN-136343"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"date": "2018-03-10T00:00:00",
"db": "VULHUB",
"id": "VHN-136343"
},
{
"date": "2018-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"date": "2018-03-10T22:29:00.273000",
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"date": "2018-03-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06034"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-136343"
},
{
"date": "2018-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003045"
},
{
"date": "2021-09-09T17:32:58.283000",
"db": "NVD",
"id": "CVE-2018-6311"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foxconn femtocell FEMTO AP-FC4064-T Vulnerabilities related to security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003045"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-272"
}
],
"trust": 0.6
}
}
VAR-201805-0934
Vulnerability from variot - Updated: 2023-12-18 13:38Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user's browser. Foxconn FEMTO AP-FC4064-T Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Foxconn FEMTO AP-FC4064-T is a home base station equipment manufactured by Foxconn
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0934",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ap-fc4064-t",
"scope": "eq",
"trust": 1.6,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47_lte"
},
{
"model": "femtocell femto ap-fc4064-t",
"scope": "eq",
"trust": 0.8,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47 lte build 15"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9111"
}
]
},
"cve": "CVE-2018-9111",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-9111",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-139143",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-9111",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9111",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-357",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-139143",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user\u0027s browser. Foxconn FEMTO AP-FC4064-T Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Foxconn FEMTO AP-FC4064-T is a home base station equipment manufactured by Foxconn",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "VULHUB",
"id": "VHN-139143"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9111",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-357",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-139143",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"id": "VAR-201805-0934",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-139143"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:38:36.597000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foxconn.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "NVD",
"id": "CVE-2018-9111"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://gist.github.com/chuanyuan-huang/a92b8b32980123d5fa9bf5a8299114bf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9111"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9111"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-139143"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-10T00:00:00",
"db": "VULHUB",
"id": "VHN-139143"
},
{
"date": "2018-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"date": "2018-05-10T03:29:00.467000",
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"date": "2018-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-139143"
},
{
"date": "2018-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004859"
},
{
"date": "2018-06-13T12:49:57.143000",
"db": "NVD",
"id": "CVE-2018-9111"
},
{
"date": "2018-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foxconn FEMTO AP-FC4064-T Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004859"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-357"
}
],
"trust": 0.6
}
}
VAR-201805-0935
Vulnerability from variot - Updated: 2023-12-18 13:28A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies. Foxconn FEMTO AP-FC4064-T Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Foxconn FEMTO AP-FC4064-T is a home base station equipment manufactured by Foxconn. There is a security vulnerability in the web management page of Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0935",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ap-fc4064-t",
"scope": "eq",
"trust": 1.6,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47_lte"
},
{
"model": "femtocell femto ap-fc4064-t",
"scope": "eq",
"trust": 0.8,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47 lte build 15"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9112"
}
]
},
"cve": "CVE-2018-9112",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-9112",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-139144",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-9112",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-9112",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-356",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-139144",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies. Foxconn FEMTO AP-FC4064-T Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Foxconn FEMTO AP-FC4064-T is a home base station equipment manufactured by Foxconn. There is a security vulnerability in the web management page of Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "VULHUB",
"id": "VHN-139144"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9112",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-356",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-139144",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"id": "VAR-201805-0935",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-139144"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:28:56.176000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foxconn.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "NVD",
"id": "CVE-2018-9112"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://gist.github.com/chuanyuan-huang/a92b8b32980123d5fa9bf5a8299114bf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9112"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9112"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-139144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-10T00:00:00",
"db": "VULHUB",
"id": "VHN-139144"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"date": "2018-05-10T03:29:00.513000",
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"date": "2018-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-18T00:00:00",
"db": "VULHUB",
"id": "VHN-139144"
},
{
"date": "2018-07-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-005097"
},
{
"date": "2018-06-18T16:39:46.437000",
"db": "NVD",
"id": "CVE-2018-9112"
},
{
"date": "2018-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foxconn FEMTO AP-FC4064-T Vulnerabilities related to the use of hard-coded credentials",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-005097"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-356"
}
],
"trust": 0.6
}
}
VAR-201803-1762
Vulnerability from variot - Updated: 2023-12-18 12:50A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used. Foxconn femtocell FEMTO AP-FC4064-T Contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoxconnfemtocellFEMTOAP-FC4064-T is a home base station device from Foxconn. A vulnerability exists in the FoxconnfemtocellFEMTOAP-FC4064-TAP_GT_B38_5.8.3lb15-W47LTEBuild15 release, which stems from a weaker default password used by privileged accounts. The attacker can use the web interface to open the TELNET service, control the system and obtain user communication
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1762",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ap-fc4064-t",
"scope": "eq",
"trust": 1.0,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47_lte"
},
{
"model": "femtocell femto ap-fc4064-t",
"scope": "eq",
"trust": 0.8,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47 lte build 15"
},
{
"model": "femtocell femto ap-fc4064-t ap gt b38 5.8.3lb15-w47 lte build",
"scope": "eq",
"trust": 0.6,
"vendor": "foxconn",
"version": "15"
},
{
"model": "femtocell femto ap-fc4064-t",
"scope": "eq",
"trust": 0.6,
"vendor": "foxconn",
"version": "ap_gt_b38_5.8.3lb15-w47_lte"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6312"
}
]
},
"cve": "CVE-2018-6312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-6312",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-06035",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-136344",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-6312",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-6312",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-06035",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-271",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-136344",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "VULHUB",
"id": "VHN-136344"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used. Foxconn femtocell FEMTO AP-FC4064-T Contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FoxconnfemtocellFEMTOAP-FC4064-T is a home base station device from Foxconn. A vulnerability exists in the FoxconnfemtocellFEMTOAP-FC4064-TAP_GT_B38_5.8.3lb15-W47LTEBuild15 release, which stems from a weaker default password used by privileged accounts. The attacker can use the web interface to open the TELNET service, control the system and obtain user communication",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "VULHUB",
"id": "VHN-136344"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6312",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-06035",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201803-271",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-136344",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "VULHUB",
"id": "VHN-136344"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"id": "VAR-201803-1762",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "VULHUB",
"id": "VHN-136344"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
}
]
},
"last_update_date": "2023-12-18T12:50:52.339000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.foxconn.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-521",
"trust": 1.1
},
{
"problemtype": "CWE-310",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-136344"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "NVD",
"id": "CVE-2018-6312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://gist.github.com/drmnsamoliu/cd1d6fa59501f161616686296aa4a6c8"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6312"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6312"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "VULHUB",
"id": "VHN-136344"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"db": "VULHUB",
"id": "VHN-136344"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"date": "2018-03-10T00:00:00",
"db": "VULHUB",
"id": "VHN-136344"
},
{
"date": "2018-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"date": "2018-03-10T22:29:00.350000",
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"date": "2018-03-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06035"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-136344"
},
{
"date": "2018-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002828"
},
{
"date": "2021-09-09T13:35:06.243000",
"db": "NVD",
"id": "CVE-2018-6312"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foxconn femtocell FEMTO AP-FC4064-T Cryptographic vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002828"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-271"
}
],
"trust": 0.6
}
}
VAR-201610-0720
Vulnerability from variot - Updated: 2022-05-04 10:22Foxconn is a manufacturer of electronic components that assembles Android smartphones. The main products are tablet computers, notebook computers, smart phones, etc.
Foxconn Android phone firmware has a backdoor vulnerability. Due to a vulnerability in the bootloader code responsible for starting the Android operating system, an attacker can use the vulnerability to bypass the authentication mechanism and gain control of the device.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0720",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "technology group infocus m810",
"scope": null,
"trust": 0.6,
"vendor": "foxconn",
"version": null
},
{
"model": "technology group nextbit robin",
"scope": null,
"trust": 0.6,
"vendor": "foxconn",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-09330",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2016-09330",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foxconn is a manufacturer of electronic components that assembles Android smartphones. The main products are tablet computers, notebook computers, smart phones, etc.\r\n\r\n\r\nFoxconn Android phone firmware has a backdoor vulnerability. Due to a vulnerability in the bootloader code responsible for starting the Android operating system, an attacker can use the vulnerability to bypass the authentication mechanism and gain control of the device.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-09330",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"id": "VAR-201610-0720",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"last_update_date": "2022-05-04T10:22:50.794000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://bbqand0days.com/pork-explosion-unleashed/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-09330"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Foxconn Android phone firmware has a backdoor vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-09330"
}
],
"trust": 0.6
}
}
CVE-2020-24088 (GCVE-0-2020-24088)
Vulnerability from cvelistv5 – Published: 2023-09-11 00:00 – Updated: 2024-09-26 15:38- n/a
| Vendor | Product | Version | |
|---|---|---|---|
| foxconn | live_update_utility |
Affected:
2.1.6.26
cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:05:11.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://blog.rewolf.pl/blog/?p=1630"
},
{
"tags": [
"x_transferred"
],
"url": "http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rjt-gupta/CVE-2020-24088"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "live_update_utility",
"vendor": "foxconn",
"versions": [
{
"status": "affected",
"version": "2.1.6.26"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-24088",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:36:52.494654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:38:01.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T14:32:49.237Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://blog.rewolf.pl/blog/?p=1630"
},
{
"url": "http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/"
},
{
"url": "https://github.com/rjt-gupta/CVE-2020-24088"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24088",
"datePublished": "2023-09-11T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-09-26T15:38:01.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24088 (GCVE-0-2020-24088)
Vulnerability from nvd – Published: 2023-09-11 00:00 – Updated: 2024-09-26 15:38- n/a
| Vendor | Product | Version | |
|---|---|---|---|
| foxconn | live_update_utility |
Affected:
2.1.6.26
cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:05:11.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://blog.rewolf.pl/blog/?p=1630"
},
{
"tags": [
"x_transferred"
],
"url": "http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rjt-gupta/CVE-2020-24088"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "live_update_utility",
"vendor": "foxconn",
"versions": [
{
"status": "affected",
"version": "2.1.6.26"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-24088",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:36:52.494654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:38:01.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T14:32:49.237Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://blog.rewolf.pl/blog/?p=1630"
},
{
"url": "http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/"
},
{
"url": "https://github.com/rjt-gupta/CVE-2020-24088"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24088",
"datePublished": "2023-09-11T00:00:00.000Z",
"dateReserved": "2020-08-13T00:00:00.000Z",
"dateUpdated": "2024-09-26T15:38:01.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}