Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by televes
VAR-201707-0949
Vulnerability from variot - Updated: 2023-12-18 13:14Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change. Televes COAXDATA GATEWAY 1Gbps The device password.shtml There is a vulnerability related to certificate / password management because authentication is not checked.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TelevesCOAXDATAGATEWAY1Gbpsdevices is a wireless router device from Televes, Spain. A security vulnerability exists in the TelevesCOAXDATAGATEWAY 1Gbps device due to lack of access control and detection on the client side. An attacker could use this vulnerability to change the password of an administrator user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0949",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "coaxdata gateway 1gbps",
"scope": "eq",
"trust": 1.6,
"vendor": "televes",
"version": "1.02.0014_4.20"
},
{
"model": "coaxdata gateway 1gbps",
"scope": null,
"trust": 0.8,
"vendor": "televes",
"version": null
},
{
"model": "coaxdata gateway",
"scope": null,
"trust": 0.6,
"vendor": "televes",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:televes:coaxdata_gateway_1gbps_firmware:1.02.0014_4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:televes:coaxdata_gateway_1gbps:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6530"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pedro Andujar",
"sources": [
{
"db": "PACKETSTORM",
"id": "143430"
}
],
"trust": 0.1
},
"cve": "CVE-2017-6530",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-6530",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-18521",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114733",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-6530",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6530",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-18521",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-329",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-114733",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "VULHUB",
"id": "VHN-114733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change. Televes COAXDATA GATEWAY 1Gbps The device password.shtml There is a vulnerability related to certificate / password management because authentication is not checked.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TelevesCOAXDATAGATEWAY1Gbpsdevices is a wireless router device from Televes, Spain. A security vulnerability exists in the TelevesCOAXDATAGATEWAY 1Gbps device due to lack of access control and detection on the client side. An attacker could use this vulnerability to change the password of an administrator user",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "VULHUB",
"id": "VHN-114733"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6530",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-18521",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "143430",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-114733",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "VULHUB",
"id": "VHN-114733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"id": "VAR-201707-0949",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "VULHUB",
"id": "VHN-114733"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
}
]
},
"last_update_date": "2023-12-18T13:14:13.817000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "COAXDATA GATEWAY 1Gbps",
"trust": 0.8,
"url": "http://www.televes.es/es/producto/coaxdata-gateway-1gbps"
},
{
"title": "Patch for any password change vulnerability in TelevesCOAXDATAGATEWAY1Gbps device",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/99419"
},
{
"title": "Televes COAXDATA GATEWAY 1Gbps Fixes for device trust management vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99672"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "NVD",
"id": "CVE-2017-6530"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.tarlogic.com/advisories/televes_coaxdata_gateway_en.txt"
},
{
"trust": 1.7,
"url": "https://www.tarlogic.com/advisories/televes_coaxdata_gateway_es.txt"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6530"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6531"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "VULHUB",
"id": "VHN-114733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"db": "VULHUB",
"id": "VHN-114733"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-114733"
},
{
"date": "2017-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"date": "2017-07-21T19:53:07",
"db": "PACKETSTORM",
"id": "143430"
},
{
"date": "2017-07-20T13:29:00.247000",
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"date": "2017-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18521"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-114733"
},
{
"date": "2017-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005941"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-6530"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Televes COAXDATA GATEWAY 1Gbps Vulnerabilities related to certificate and password management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005941"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-329"
}
],
"trust": 0.6
}
}
VAR-201707-0951
Vulnerability from variot - Updated: 2023-12-18 13:14Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db. Televes COAXDATA GATEWAY 1Gbps The device /mib.db Vulnerabilities related to certificate and password management exist because it has clear text credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TelevesCOAXDATAGATEWAY1Gbpsdevices is a wireless router device from Televes, Spain. A security vulnerability exists in the TelevesCOAXDATAGATEWAY 1Gbps device. An attacker could use this vulnerability to access a backup file that contains a clear text certificate. An attacker could exploit this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0951",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "coaxdata gateway 1gbps",
"scope": "eq",
"trust": 1.6,
"vendor": "televes",
"version": "1.02.0014_4.20"
},
{
"model": "coaxdata gateway 1gbps",
"scope": null,
"trust": 0.8,
"vendor": "televes",
"version": null
},
{
"model": "coaxdata gateway",
"scope": null,
"trust": 0.6,
"vendor": "televes",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:televes:coaxdata_gateway_1gbps_firmware:1.02.0014_4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:televes:coaxdata_gateway_1gbps:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6532"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pedro Andujar",
"sources": [
{
"db": "PACKETSTORM",
"id": "143430"
}
],
"trust": 0.1
},
"cve": "CVE-2017-6532",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-6532",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-18523",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114735",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-6532",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6532",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-18523",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-327",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-114735",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "VULHUB",
"id": "VHN-114735"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db. Televes COAXDATA GATEWAY 1Gbps The device /mib.db Vulnerabilities related to certificate and password management exist because it has clear text credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TelevesCOAXDATAGATEWAY1Gbpsdevices is a wireless router device from Televes, Spain. A security vulnerability exists in the TelevesCOAXDATAGATEWAY 1Gbps device. An attacker could use this vulnerability to access a backup file that contains a clear text certificate. An attacker could exploit this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "VULHUB",
"id": "VHN-114735"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6532",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-18523",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143430",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "VULHUB",
"id": "VHN-114735"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"id": "VAR-201707-0951",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "VULHUB",
"id": "VHN-114735"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
}
]
},
"last_update_date": "2023-12-18T13:14:13.786000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "COAXDATA GATEWAY 1Gbps",
"trust": 0.8,
"url": "http://www.televes.es/es/producto/coaxdata-gateway-1gbps"
},
{
"title": "Patch for TelevesCOAXDATAGATEWAY1Gbps Device Backup File Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/99417"
},
{
"title": "Televes COAXDATA GATEWAY 1Gbps Fixes for device trust management vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99670"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114735"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "NVD",
"id": "CVE-2017-6532"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.tarlogic.com/advisories/televes_coaxdata_gateway_en.txt"
},
{
"trust": 1.7,
"url": "https://www.tarlogic.com/advisories/televes_coaxdata_gateway_es.txt"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6532"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6531"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "VULHUB",
"id": "VHN-114735"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"db": "VULHUB",
"id": "VHN-114735"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-114735"
},
{
"date": "2017-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"date": "2017-07-21T19:53:07",
"db": "PACKETSTORM",
"id": "143430"
},
{
"date": "2017-07-20T13:29:00.357000",
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"date": "2017-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18523"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-114735"
},
{
"date": "2017-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005943"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-6532"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Televes COAXDATA GATEWAY 1Gbps Vulnerabilities related to certificate and password management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005943"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-327"
}
],
"trust": 0.6
}
}
VAR-201707-0950
Vulnerability from variot - Updated: 2023-12-18 13:14On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile. Televes COAXDATA GATEWAY 1Gbps Devices have vulnerabilities related to certificate and password management because the backup / restore function lacks access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TelevesCOAXDATAGATEWAY1Gbpsdevices is a wireless router device from Televes, Spain. An attacker could exploit this vulnerability to modify the configuration
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0950",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "coaxdata gateway 1gbps",
"scope": "eq",
"trust": 1.6,
"vendor": "televes",
"version": "1.02.0014_4.20"
},
{
"model": "coaxdata gateway 1gbps",
"scope": null,
"trust": 0.8,
"vendor": "televes",
"version": null
},
{
"model": "coaxdata gateway",
"scope": null,
"trust": 0.6,
"vendor": "televes",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:televes:coaxdata_gateway_1gbps_firmware:1.02.0014_4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:televes:coaxdata_gateway_1gbps:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6531"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pedro Andujar",
"sources": [
{
"db": "PACKETSTORM",
"id": "143430"
}
],
"trust": 0.1
},
"cve": "CVE-2017-6531",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-6531",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-18522",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114734",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-6531",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6531",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-18522",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-328",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-114734",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "VULHUB",
"id": "VHN-114734"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile. Televes COAXDATA GATEWAY 1Gbps Devices have vulnerabilities related to certificate and password management because the backup / restore function lacks access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TelevesCOAXDATAGATEWAY1Gbpsdevices is a wireless router device from Televes, Spain. An attacker could exploit this vulnerability to modify the configuration",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "VULHUB",
"id": "VHN-114734"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6531",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-18522",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-114734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143430",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "VULHUB",
"id": "VHN-114734"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"id": "VAR-201707-0950",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "VULHUB",
"id": "VHN-114734"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
}
]
},
"last_update_date": "2023-12-18T13:14:13.754000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "COAXDATA GATEWAY 1Gbps",
"trust": 0.8,
"url": "http://www.televes.es/es/producto/coaxdata-gateway-1gbps"
},
{
"title": "Patch for unauthorized operation of TelevesCOAXDATAGATEWAY 1Gbps device",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/99418"
},
{
"title": "Televes COAXDATA GATEWAY 1Gbps Fixes for device trust management vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99671"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114734"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "NVD",
"id": "CVE-2017-6531"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.tarlogic.com/advisories/televes_coaxdata_gateway_en.txt"
},
{
"trust": 1.7,
"url": "https://www.tarlogic.com/advisories/televes_coaxdata_gateway_es.txt"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6531"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6531"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6532"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "VULHUB",
"id": "VHN-114734"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"db": "VULHUB",
"id": "VHN-114734"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"db": "PACKETSTORM",
"id": "143430"
},
{
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-114734"
},
{
"date": "2017-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"date": "2017-07-21T19:53:07",
"db": "PACKETSTORM",
"id": "143430"
},
{
"date": "2017-07-20T13:29:00.280000",
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"date": "2017-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-18522"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-114734"
},
{
"date": "2017-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005942"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-6531"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Televes COAXDATA GATEWAY 1Gbps Vulnerabilities related to certificate and password management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005942"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-328"
}
],
"trust": 0.6
}
}