cvelistv5 - CVE-2013-4630

CVE-2013-4630

Vulnerability from cvelistv5

Published

2013-06-20 15:00

Modified

2024-08-06 16:52

Severity ?

Summary

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

References

URL	Tags
cve@mitre.org	http://www.exploit-db.com/exploits/25295
cve@mitre.org	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/25295
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:52:26.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "25295",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/25295"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-11-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "25295",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/25295"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4630",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "25295",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/25295"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-4630",
    "datePublished": "2013-06-20T15:00:00",
    "dateReserved": "2013-06-20T00:00:00",
    "dateUpdated": "2024-08-06T16:52:26.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91C15137-0BE6-4A8A-BBE4-835CE9D55EED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EBC7873-F277-4567-882C-759335670BCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"422CF4F4-DC3F-45A3-9D05-ABF9DE5621AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC5201F6-1A0C-434A-8A7A-B194A89611A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7428959D-CF8A-420E-969B-97EAD38A2FB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6307C68F-931C-4D87-9CC1-B3431CAB0C11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E243DC77-196A-4B4A-B2E6-30F4B634F419\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EEED571-6638-464C-AE91-8B8DCBD87A43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BAD81D8-2385-42CE-A147-7C23AD80A693\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA95EF1E-1309-4348-B1C0-9EF668DF774F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EBEFD7D-EA06-4017-A276-8B4741C9C51F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90670CC0-1434-4DCA-8D85-0ABCF76C9A1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2445F89-743C-4A9A-AEAD-8428F0DC50AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8FE1931-1585-4E9E-971D-1DA89C4ED59A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D69F769D-C3B0-459C-92BE-57CA645AFD15\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en los router Huawei AR 150, 200, 1200, 2200, y 3200, cuando el depurado SNMPv3 est\\u00e1 habilitado, permite a atacantes remotos ejecutar c\\u00f3digo a trav\\u00e9s de peticiones SNMPv3 malformadas.\"}]",
      "id": "CVE-2013-4630",
      "lastModified": "2024-11-21T01:55:58.107",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 4.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-06-20T15:55:01.070",
      "references": "[{\"url\": \"http://www.exploit-db.com/exploits/25295\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.exploit-db.com/exploits/25295\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4630\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-06-20T15:55:01.070\",\"lastModified\":\"2024-11-21T01:55:58.107\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en los router Huawei AR 150, 200, 1200, 2200, y 3200, cuando el depurado SNMPv3 est\u00e1 habilitado, permite a atacantes remotos ejecutar c\u00f3digo a trav\u00e9s de peticiones SNMPv3 malformadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":7.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91C15137-0BE6-4A8A-BBE4-835CE9D55EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EBC7873-F277-4567-882C-759335670BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"422CF4F4-DC3F-45A3-9D05-ABF9DE5621AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC5201F6-1A0C-434A-8A7A-B194A89611A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7428959D-CF8A-420E-969B-97EAD38A2FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6307C68F-931C-4D87-9CC1-B3431CAB0C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E243DC77-196A-4B4A-B2E6-30F4B634F419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EEED571-6638-464C-AE91-8B8DCBD87A43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BAD81D8-2385-42CE-A147-7C23AD80A693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA95EF1E-1309-4348-B1C0-9EF668DF774F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EBEFD7D-EA06-4017-A276-8B4741C9C51F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90670CC0-1434-4DCA-8D85-0ABCF76C9A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2445F89-743C-4A9A-AEAD-8428F0DC50AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8FE1931-1585-4E9E-971D-1DA89C4ED59A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D69F769D-C3B0-459C-92BE-57CA645AFD15\"}]}]}],\"references\":[{\"url\":\"http://www.exploit-db.com/exploits/25295\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/25295\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2013-4630

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

Aliases

CVE-2013-4630

Aliases

CVE-2013-4630

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4630",
    "description": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.",
    "id": "GSD-2013-4630"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4630"
      ],
      "details": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.",
      "id": "GSD-2013-4630",
      "modified": "2023-12-13T01:22:16.420766Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-4630",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "25295",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/25295"
          },
          {
            "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4630"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
            },
            {
              "name": "25295",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "http://www.exploit-db.com/exploits/25295"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-11-03T03:34Z",
      "publishedDate": "2013-06-20T15:55Z"
    }
  }
}

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests. Huawei AR series routers are Huawei's proprietary VRP-based next-generation enterprise routers that integrate routing, switching, 3G, WLAN, voice, and security functions. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application. A failed vulnerability attempt could result in a denial of service condition. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks. Huawei uses SNMPv3 for network and device management

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0349",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ar 200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 2200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 3200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 2200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 2200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 3200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 3200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar1200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar1200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar1200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar150",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar150",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar150",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar2200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar2200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar2200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar3200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar3200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar3200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "3200"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "2200"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "200"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "150"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "1200"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Roberto Paleari",
    "sources": [
      {
        "db": "BID",
        "id": "59662"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-4630",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.6,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-4630",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2013-04917",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "VHN-64632",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-4630",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-04917",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-410",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-64632",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests. Huawei AR series routers are Huawei\u0027s proprietary VRP-based next-generation enterprise routers that integrate routing, switching, 3G, WLAN, voice, and security functions. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application. A failed vulnerability attempt could result in a denial of service condition. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks. Huawei uses SNMPv3 for network and device management",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      }
    ],
    "trust": 2.52
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-64632",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-4630",
        "trust": 3.4
      },
      {
        "db": "EXPLOIT-DB",
        "id": "25295",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "59662",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-78960",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "id": "VAR-201306-0349",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:14:56.604000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Huawei-SA-20130313-01",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
      },
      {
        "title": "Huawei AR Series Router SNMPv3 Remote Stack Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/33826"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/25295"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4630"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4630"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-05-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "date": "2013-06-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "date": "2013-03-13T00:00:00",
        "db": "BID",
        "id": "59662"
      },
      {
        "date": "2013-06-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "date": "2013-06-20T15:55:01.070000",
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "date": "2013-06-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-05-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "date": "2013-11-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "date": "2015-03-19T09:49:00",
        "db": "BID",
        "id": "59662"
      },
      {
        "date": "2013-06-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "date": "2013-11-03T03:34:00.850000",
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "date": "2013-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Huawei AR Router stack-based buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ],
    "trust": 0.6
  }
}

ghsa-h5pj-vh3h-q27r

Vulnerability from github

Published

2022-05-17 04:58

Modified

2022-05-17 04:58

Details

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4630"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-06-20T15:55:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.",
  "id": "GHSA-h5pj-vh3h-q27r",
  "modified": "2022-05-17T04:58:37Z",
  "published": "2022-05-17T04:58:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4630"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/25295"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2013-4630

Vulnerability from fkie_nvd

Published

2013-06-20 15:55

Modified

2024-11-21 01:55

Severity ?

Summary

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

References

URL	Tags
cve@mitre.org	http://www.exploit-db.com/exploits/25295
cve@mitre.org	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/25295
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	ar_1200	v200r001
huawei	ar_1200	v200r002
huawei	ar_1200	v200r003
huawei	ar_150	v200r001
huawei	ar_150	v200r002
huawei	ar_150	v200r003
huawei	ar_200	v200r001
huawei	ar_200	v200r002
huawei	ar_200	v200r003
huawei	ar_2200	v200r001
huawei	ar_2200	v200r002
huawei	ar_2200	v200r003
huawei	ar_3200	v200r001
huawei	ar_3200	v200r002
huawei	ar_3200	v200r003

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "91C15137-0BE6-4A8A-BBE4-835CE9D55EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EBC7873-F277-4567-882C-759335670BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "422CF4F4-DC3F-45A3-9D05-ABF9DE5621AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5201F6-1A0C-434A-8A7A-B194A89611A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428959D-CF8A-420E-969B-97EAD38A2FB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6307C68F-931C-4D87-9CC1-B3431CAB0C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "E243DC77-196A-4B4A-B2E6-30F4B634F419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EEED571-6638-464C-AE91-8B8DCBD87A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAD81D8-2385-42CE-A147-7C23AD80A693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA95EF1E-1309-4348-B1C0-9EF668DF774F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBEFD7D-EA06-4017-A276-8B4741C9C51F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "90670CC0-1434-4DCA-8D85-0ABCF76C9A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2445F89-743C-4A9A-AEAD-8428F0DC50AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8FE1931-1585-4E9E-971D-1DA89C4ED59A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "D69F769D-C3B0-459C-92BE-57CA645AFD15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en los router Huawei AR 150, 200, 1200, 2200, y 3200, cuando el depurado SNMPv3 est\u00e1 habilitado, permite a atacantes remotos ejecutar c\u00f3digo a trav\u00e9s de peticiones SNMPv3 malformadas."
    }
  ],
  "id": "CVE-2013-4630",
  "lastModified": "2024-11-21T01:55:58.107",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-20T15:55:01.070",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.exploit-db.com/exploits/25295"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.exploit-db.com/exploits/25295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-4630

Vulnerability from cvelistv5

gsd-2013-4630

Vulnerability from gsd

var-201306-0349

Vulnerability from variot

ghsa-h5pj-vh3h-q27r

Vulnerability from github

CVE-2013-4630

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature