cvelistv5 - CVE-2016-9497

CVE-2016-9497 (GCVE-0-2016-9497)

Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-06 02:50

Summary

Severity ?

No CVSS data available.

CWE

CWE-288

Assigner

certcc

References

URL

Tags

	https://www.securityfocus.com/bid/96244	vdb-entryx_refsource_BID
	https://www.kb.cert.org/vuls/id/614751	third-party-advisoryx_refsource_CERT-VN

Impacted products

Vendor

Product

Version

Hughes Satellite Modem

HN7740S

Unknown: N/A

	Hughes Satellite Modem	DW7000	Unknown: N/A
	Hughes Satellite Modem	HN7000S/SM	Unknown: N/A

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:50:38.663Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "96244",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "https://www.securityfocus.com/bid/96244"
          },
          {
            "name": "VU#614751",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/614751"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HN7740S",
          "vendor": "Hughes Satellite Modem",
          "versions": [
            {
              "status": "unknown",
              "version": "N/A"
            }
          ]
        },
        {
          "product": "DW7000",
          "vendor": "Hughes Satellite Modem",
          "versions": [
            {
              "status": "unknown",
              "version": "N/A"
            }
          ]
        },
        {
          "product": "HN7000S/SM",
          "vendor": "Hughes Satellite Modem",
          "versions": [
            {
              "status": "unknown",
              "version": "N/A"
            }
          ]
        }
      ],
      "datePublic": "2017-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-13T19:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "96244",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "https://www.securityfocus.com/bid/96244"
        },
        {
          "name": "VU#614751",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/614751"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-9497",
          "STATE": "PUBLIC",
          "TITLE": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HN7740S",
                      "version": {
                        "version_data": [
                          {
                            "affected": "?",
                            "version_affected": "?",
                            "version_value": "N/A"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "DW7000",
                      "version": {
                        "version_data": [
                          {
                            "affected": "?",
                            "version_affected": "?",
                            "version_value": "N/A"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "HN7000S/SM",
                      "version": {
                        "version_data": [
                          {
                            "affected": "?",
                            "version_affected": "?",
                            "version_value": "N/A"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Hughes Satellite Modem"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-288"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "96244",
              "refsource": "BID",
              "url": "https://www.securityfocus.com/bid/96244"
            },
            {
              "name": "VU#614751",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/614751"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-9497",
    "datePublished": "2018-07-13T20:00:00",
    "dateReserved": "2016-11-21T00:00:00",
    "dateUpdated": "2024-08-06T02:50:38.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hughes:hn7740s_firmware:6.9.0.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9029731-A889-43E7-BBC0-38E982690D57\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hughes:hn7740s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF1B8214-EE17-49B6-8084-D9195F989961\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hughes:dw7000_firmware:6.9.0.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A98920BD-1929-419A-961A-CA0F09187693\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hughes:dw7000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A154763-BFF7-4541-9036-34B85BA18479\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hughes:hn7000s_firmware:6.9.0.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27F4528C-7D87-4B5A-A330-A09F555AE36D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hughes:hn7000s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91470E55-2227-489A-BEB5-86C151F32344\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hughes:hn7000sm_firmware:6.9.0.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA234B78-E832-4493-BFCD-AECEAC3CCA02\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hughes:hn7000sm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AAB1D14-3EA2-46C7-9010-87750F19DF24\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.\"}, {\"lang\": \"es\", \"value\": \"Los m\\u00f3dems por sat\\u00e9lite de alto rendimiento de banda ancha de Hughes, en sus modelos HN7740S DW7000 HN7000S/SM, son vulnerables a una omisi\\u00f3n de autenticaci\\u00f3n mediante una ruta o canal alternativos. Por defecto, se puede acceder al puerto 1953 por telnet y no requiere autenticaci\\u00f3n. Un usuario remoto no autenticado puede acceder a muchos comandos administrativos mediante esta interfaz, incluyendo el reinicio del m\\u00f3dem.\"}]",
      "id": "CVE-2016-9497",
      "lastModified": "2024-11-21T03:01:19.907",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 8.3, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 6.5, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-07-13T20:29:01.910",
      "references": "[{\"url\": \"https://www.kb.cert.org/vuls/id/614751\", \"source\": \"cret@cert.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.securityfocus.com/bid/96244\", \"source\": \"cret@cert.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/614751\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.securityfocus.com/bid/96244\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cret@cert.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-288\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-9497\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2018-07-13T20:29:01.910\",\"lastModified\":\"2024-11-21T03:01:19.907\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.\"},{\"lang\":\"es\",\"value\":\"Los m\u00f3dems por sat\u00e9lite de alto rendimiento de banda ancha de Hughes, en sus modelos HN7740S DW7000 HN7000S/SM, son vulnerables a una omisi\u00f3n de autenticaci\u00f3n mediante una ruta o canal alternativos. Por defecto, se puede acceder al puerto 1953 por telnet y no requiere autenticaci\u00f3n. Un usuario remoto no autenticado puede acceder a muchos comandos administrativos mediante esta interfaz, incluyendo el reinicio del m\u00f3dem.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":8.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-288\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hughes:hn7740s_firmware:6.9.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9029731-A889-43E7-BBC0-38E982690D57\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hughes:hn7740s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1B8214-EE17-49B6-8084-D9195F989961\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hughes:dw7000_firmware:6.9.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A98920BD-1929-419A-961A-CA0F09187693\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hughes:dw7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A154763-BFF7-4541-9036-34B85BA18479\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hughes:hn7000s_firmware:6.9.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F4528C-7D87-4B5A-A330-A09F555AE36D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hughes:hn7000s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91470E55-2227-489A-BEB5-86C151F32344\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hughes:hn7000sm_firmware:6.9.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA234B78-E832-4493-BFCD-AECEAC3CCA02\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hughes:hn7000sm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AAB1D14-3EA2-46C7-9010-87750F19DF24\"}]}]}],\"references\":[{\"url\":\"https://www.kb.cert.org/vuls/id/614751\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.securityfocus.com/bid/96244\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/614751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.securityfocus.com/bid/96244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

VAR-201807-0129

Vulnerability from variot - Updated: 2023-12-18 12:50

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple Hughes Satellite Modems are prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. A hard-coded credentials vulnerability 3. An authentication bypass vulnerability An attacker can exploit these issues to gain access to bypass certain security restrictions and obtain potentially sensitive information, perform unauthorized actions, or cause denial-of-service condition on the affected device. Other attacks are also possible. The following products are vulnerable: HN7740S DW7000 HN7000S/SM. Hughes satellite is a set of solutions for satellite broadband services from Hughes Corporation of the United States. HN7740S, DW7000 and HN7000S/SM are the modems used in it. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201807-0129",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "hn7000sm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hughes",
        "version": "6.9.0.34"
      },
      {
        "model": "dw7000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hughes",
        "version": "6.9.0.34"
      },
      {
        "model": "hn7000s",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hughes",
        "version": "6.9.0.34"
      },
      {
        "model": "hn7740s",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hughes",
        "version": "6.9.0.34"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hughes network",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "kontron s t",
        "version": null
      },
      {
        "model": "dw7000",
        "scope": null,
        "trust": 0.8,
        "vendor": "hughes network",
        "version": null
      },
      {
        "model": "hn7000s/sm",
        "scope": null,
        "trust": 0.8,
        "vendor": "hughes network",
        "version": null
      },
      {
        "model": "hn7740s",
        "scope": null,
        "trust": 0.8,
        "vendor": "hughes network",
        "version": null
      },
      {
        "model": "hn7740s",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hughes",
        "version": "0"
      },
      {
        "model": "hn7000s/sm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hughes",
        "version": "0"
      },
      {
        "model": "dw7000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hughes",
        "version": "0"
      },
      {
        "model": "hn7740s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hughes",
        "version": "6.9.0.34"
      },
      {
        "model": "hn7000s/sm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hughes",
        "version": "6.9.0.34"
      },
      {
        "model": "dw7000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hughes",
        "version": "6.9.0.34"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "db": "BID",
        "id": "96244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:hn7740s_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:hn7740s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:dw7000_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:dw7000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:hn7000s_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:hn7000s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:hn7000sm_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:hn7000sm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "anonymous",
    "sources": [
      {
        "db": "BID",
        "id": "96244"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-9497",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "VHN-98317",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-9497",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201702-608",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-98317",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple Hughes Satellite Modems are prone to the following security vulnerabilities:\n1. Multiple  denial-of-service vulnerabilities\n2. A hard-coded credentials vulnerability\n3. An authentication bypass vulnerability\nAn attacker can exploit these issues to  gain  access to bypass certain security restrictions and obtain potentially   sensitive information, perform unauthorized actions, or cause  denial-of-service condition on the affected device. Other attacks are  also possible. \nThe following products are vulnerable:\nHN7740S\nDW7000\nHN7000S/SM. Hughes satellite is a set of solutions for satellite broadband services from Hughes Corporation of the United States. HN7740S, DW7000 and HN7000S/SM are the modems used in it. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "BID",
        "id": "96244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#614751",
        "trust": 3.6
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "96244",
        "trust": 2.0
      },
      {
        "db": "JVN",
        "id": "JVNVU93522863",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-98317",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "db": "BID",
        "id": "96244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "id": "VAR-201807-0129",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:50:39.330000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Broadband Satellite Modems, Routers, and Appliances",
        "trust": 0.8,
        "url": "https://www.hughes.com/technologies/broadband-satellite-systems/hn-systems"
      },
      {
        "title": "Multiple Hughes satellite modems Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68207"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-798",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-306",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-288",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.kb.cert.org/vuls/id/614751"
      },
      {
        "trust": 1.7,
        "url": "https://www.securityfocus.com/bid/96244"
      },
      {
        "trust": 0.8,
        "url": "about vulnerability notes"
      },
      {
        "trust": 0.8,
        "url": "contact us about this vulnerability"
      },
      {
        "trust": 0.8,
        "url": "provide a vendor statement"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9495"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9496"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9497"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9494"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu93522863/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9497"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9494"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9495"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9496"
      },
      {
        "trust": 0.3,
        "url": "http://www.hughes.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.kb.cert.org/vuls/id/614751 "
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "db": "BID",
        "id": "96244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "db": "BID",
        "id": "96244"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "date": "2018-07-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "date": "2017-02-15T00:00:00",
        "db": "BID",
        "id": "96244"
      },
      {
        "date": "2017-05-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "date": "2018-07-13T20:29:01.910000",
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "date": "2017-02-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#614751"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-98317"
      },
      {
        "date": "2017-03-07T04:02:00",
        "db": "BID",
        "id": "96244"
      },
      {
        "date": "2017-05-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008414"
      },
      {
        "date": "2019-10-09T23:20:32.837000",
        "db": "NVD",
        "id": "CVE-2016-9497"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hughes satellite modems contain multiple vulnerabilities",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#614751"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-608"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2016-9497

Vulnerability from fkie_nvd - Published: 2018-07-13 20:29 - Updated: 2024-11-21 03:01

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cret@cert.org	https://www.kb.cert.org/vuls/id/614751	Third Party Advisory, US Government Resource
cret@cert.org	https://www.securityfocus.com/bid/96244	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/614751	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.securityfocus.com/bid/96244	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
hughes	hn7740s_firmware	6.9.0.34
hughes	hn7740s	-
hughes	dw7000_firmware	6.9.0.34
hughes	dw7000	-
hughes	hn7000s_firmware	6.9.0.34
hughes	hn7000s	-
hughes	hn7000sm_firmware	6.9.0.34
hughes	hn7000sm	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hughes:hn7740s_firmware:6.9.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9029731-A889-43E7-BBC0-38E982690D57",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hughes:hn7740s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1B8214-EE17-49B6-8084-D9195F989961",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hughes:dw7000_firmware:6.9.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A98920BD-1929-419A-961A-CA0F09187693",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hughes:dw7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A154763-BFF7-4541-9036-34B85BA18479",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hughes:hn7000s_firmware:6.9.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F4528C-7D87-4B5A-A330-A09F555AE36D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hughes:hn7000s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91470E55-2227-489A-BEB5-86C151F32344",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hughes:hn7000sm_firmware:6.9.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA234B78-E832-4493-BFCD-AECEAC3CCA02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hughes:hn7000sm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAB1D14-3EA2-46C7-9010-87750F19DF24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem."
    },
    {
      "lang": "es",
      "value": "Los m\u00f3dems por sat\u00e9lite de alto rendimiento de banda ancha de Hughes, en sus modelos HN7740S DW7000 HN7000S/SM, son vulnerables a una omisi\u00f3n de autenticaci\u00f3n mediante una ruta o canal alternativos. Por defecto, se puede acceder al puerto 1953 por telnet y no requiere autenticaci\u00f3n. Un usuario remoto no autenticado puede acceder a muchos comandos administrativos mediante esta interfaz, incluyendo el reinicio del m\u00f3dem."
    }
  ],
  "id": "CVE-2016-9497",
  "lastModified": "2024-11-21T03:01:19.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-13T20:29:01.910",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/614751"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.securityfocus.com/bid/96244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/614751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.securityfocus.com/bid/96244"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-288"
        }
      ],
      "source": "cret@cert.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-9497

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-9497

Aliases

CVE-2016-9497

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-9497",
    "description": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.",
    "id": "GSD-2016-9497"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-9497"
      ],
      "details": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.",
      "id": "GSD-2016-9497",
      "modified": "2023-12-13T01:21:21.742521Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2016-9497",
        "STATE": "PUBLIC",
        "TITLE": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "HN7740S",
                    "version": {
                      "version_data": [
                        {
                          "affected": "?",
                          "version_value": "N/A"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "DW7000",
                    "version": {
                      "version_data": [
                        {
                          "affected": "?",
                          "version_value": "N/A"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "HN7000S/SM",
                    "version": {
                      "version_data": [
                        {
                          "affected": "?",
                          "version_value": "N/A"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Hughes Satellite Modem"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-288"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "96244",
            "refsource": "BID",
            "url": "https://www.securityfocus.com/bid/96244"
          },
          {
            "name": "VU#614751",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/614751"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:hn7740s_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:hn7740s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:dw7000_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:dw7000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:hn7000s_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:hn7000s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:hughes:hn7000sm_firmware:6.9.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:hughes:hn7000sm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-9497"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "96244",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.securityfocus.com/bid/96244"
            },
            {
              "name": "VU#614751",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.kb.cert.org/vuls/id/614751"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:20Z",
      "publishedDate": "2018-07-13T20:29Z"
    }
  }
}

GHSA-QQ6R-2668-C4WG

Vulnerability from github – Published: 2022-05-13 01:38 – Updated: 2022-05-13 01:38

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-9497"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-13T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.",
  "id": "GHSA-qq6r-2668-c4wg",
  "modified": "2022-05-13T01:38:30Z",
  "published": "2022-05-13T01:38:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9497"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/614751"
    },
    {
      "type": "WEB",
      "url": "https://www.securityfocus.com/bid/96244"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-9497 (GCVE-0-2016-9497)

VAR-201807-0129

FKIE_CVE-2016-9497

GSD-2016-9497

GHSA-QQ6R-2668-C4WG

Tags

Sightings

Nomenclature