Vulnerability-Lookup

CVE-2019-3495 (GCVE-0-2019-3495)

Vulnerability from cvelistv5 – Published: 2019-03-18 17:14 – Updated: 2024-08-04 19:12

KEVIntel

Summary

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

3 references

URL	Tags
http://packetstormsecurity.com/files/151077/Wifi-…	x_refsource_MISC
http://seclists.org/fulldisclosure/2019/Jan/23	mailing-listx_refsource_MLIST
https://sahildhar.github.io/blogpost/Multiple-RCE…	x_refsource_MISC

Date Public

2019-01-05 00:00

KEVIntel

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 4280e75b-ece2-4280-a04c-7eed3230b682

Vulnerability ID: CVE-2019-3495

Status: Confirmed

Status Updated: 2019-03-18 17:14 UTC

Exploited: Yes

Timestamps

First Seen: 2019-03-18

Asserted: 2019-03-18

Scope

Notes: KEVIntel entry: An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload,... | Affected: n/a / n/a | Used in malware: unknown | Not yet in CISA KEV: True

Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload,...
Vendor	n/a
Product	n/a
Added Date	2019-03-18T17:14:33.000Z
Cvss Score	None
Epss Score	None
Cvss Severity	None
Epss Percentile	None
Used In Malware	unknown
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	True

References

Created: 2026-06-23 14:06 UTC | Updated: 2026-06-23 14:06 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:12:09.477Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
          },
          {
            "name": "[fulldisclosure] 20190106 Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-18T17:14:33.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
        },
        {
          "name": "[fulldisclosure] 20190106 Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-3495",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
            },
            {
              "name": "[fulldisclosure] 20190106 Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x",
              "refsource": "MLIST",
              "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
            },
            {
              "name": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/",
              "refsource": "MISC",
              "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-3495",
    "datePublished": "2019-03-18T17:14:33.000Z",
    "dateReserved": "2019-01-01T00:00:00.000Z",
    "dateUpdated": "2024-08-04T19:12:09.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2019-3495",
      "date": "2026-06-24",
      "epss": "0.05037",
      "percentile": "0.91166"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:indionetworks:unibox_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE92FF13-7476-40B0-904A-E6074FF9BB77\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:indionetworks:unibox:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5BFEDFA-26EA-4435-B629-623732B57FB7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto un problema en el controlador Wifi-soft UniBox, desde la versi\\u00f3n 0.x hasta la 2.x. network/mesh/edit-nds.php es vulnerable a la subida de archivos arbitrarios, lo que permite que un atacante suba archivos .php y ejecute c\\u00f3digo en el servidor con privilegios de usuario root. La autenticaci\\u00f3n para acceder a este componente se puede omitir mediante el uso de credenciales embebidas\"}]",
      "id": "CVE-2019-3495",
      "lastModified": "2024-11-21T04:42:08.290",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-03-21T16:01:04.187",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Jan/23\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Jan/23\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}, {\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-3495\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-03-21T16:01:04.187\",\"lastModified\":\"2024-11-21T04:42:08.290\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en el controlador Wifi-soft UniBox, desde la versi\u00f3n 0.x hasta la 2.x. network/mesh/edit-nds.php es vulnerable a la subida de archivos arbitrarios, lo que permite que un atacante suba archivos .php y ejecute c\u00f3digo en el servidor con privilegios de usuario root. La autenticaci\u00f3n para acceder a este componente se puede omitir mediante el uso de credenciales embebidas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"},{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:indionetworks:unibox_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE92FF13-7476-40B0-904A-E6074FF9BB77\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:indionetworks:unibox:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5BFEDFA-26EA-4435-B629-623732B57FB7\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jan/23\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jan/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

CNVD-2019-00769

Vulnerability from cnvd - Published: 2019-01-09

Title

Wifi-soft's Unibox Controllers远程代码注入漏洞

Description

Wifi-soft's Unibox Controllers是适用于所有大型和小型场所的快节奏的网络控制器。 Wifi-soft's Unibox Controllers存在远程代码注入漏洞。攻击者可利用漏洞注入任意代码。

Severity

高

Formal description

目前没有详细解决方案提供： https://wifi-soft.com/unibox-controller/

Reference

https://seclists.org/fulldisclosure/2019/Jan/23

Impacted products

Name
Wifi-Soft Unibox Controller >=0.，<=2.

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-3495"
    }
  },
  "description": "Wifi-soft\u0027s Unibox Controllers\u662f\u9002\u7528\u4e8e\u6240\u6709\u5927\u578b\u548c\u5c0f\u578b\u573a\u6240\u7684\u5feb\u8282\u594f\u7684\u7f51\u7edc\u63a7\u5236\u5668\u3002\n\nWifi-soft\u0027s Unibox Controllers\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Sahil Dhar",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttps://wifi-soft.com/unibox-controller/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-00769",
  "openTime": "2019-01-09",
  "products": {
    "product": "Wifi-Soft Unibox Controller \u003e=0.*\uff0c\u003c=2.*"
  },
  "referenceLink": "https://seclists.org/fulldisclosure/2019/Jan/23",
  "serverity": "\u9ad8",
  "submitTime": "2019-01-09",
  "title": "Wifi-soft\u0027s Unibox Controllers\u8fdc\u7a0b\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e"
}

FKIE_CVE-2019-3495

Vulnerability from fkie_nvd - Published: 2019-03-21 16:01 - Updated: 2026-06-17 02:35

KEVIntel

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	http://seclists.org/fulldisclosure/2019/Jan/23	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Jan/23	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	indionetworks	unibox_firmware	-
	indionetworks	unibox	-

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "cve@mitre.org"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:indionetworks:unibox_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE92FF13-7476-40B0-904A-E6074FF9BB77",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:indionetworks:unibox:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5BFEDFA-26EA-4435-B629-623732B57FB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema en el controlador Wifi-soft UniBox, desde la versi\u00f3n 0.x hasta la 2.x. network/mesh/edit-nds.php es vulnerable a la subida de archivos arbitrarios, lo que permite que un atacante suba archivos .php y ejecute c\u00f3digo en el servidor con privilegios de usuario root. La autenticaci\u00f3n para acceder a este componente se puede omitir mediante el uso de credenciales embebidas"
    }
  ],
  "id": "CVE-2019-3495",
  "lastModified": "2026-06-17T02:35:12.250",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-21T16:01:04.187",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        },
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-X3P7-M76V-6JXC

Vulnerability from github – Published: 2022-05-13 01:06 – Updated: 2022-05-13 01:06

Details

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-3495"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-21T16:01:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.",
  "id": "GHSA-x3p7-m76v-6jxc",
  "modified": "2022-05-13T01:06:04Z",
  "published": "2022-05-13T01:06:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3495"
    },
    {
      "type": "WEB",
      "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2019-3495

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Aliases

CVE-2019-3495

Aliases

CVE-2019-3495

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-3495",
    "description": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.",
    "id": "GSD-2019-3495"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-3495"
      ],
      "details": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.",
      "id": "GSD-2019-3495",
      "modified": "2023-12-13T01:24:04.780395Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-3495",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
          },
          {
            "name": "[fulldisclosure] 20190106 Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x",
            "refsource": "MLIST",
            "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
          },
          {
            "name": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/",
            "refsource": "MISC",
            "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:indionetworks:unibox_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:indionetworks:unibox:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-3495"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": []
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/"
            },
            {
              "name": "[fulldisclosure] 20190106 Multiple Root RCE in Unibox Wifi Access Controller 0.x - 3.x",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2019/Jan/23"
            },
            {
              "name": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/151077/Wifi-soft-Unibox-2.x-Remote-Command-Code-Injection.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-09-13T11:10Z",
      "publishedDate": "2019-03-21T16:01Z"
    }
  }
}

VAR-201903-0009

Vulnerability from variot - Updated: 2023-12-18 13:08

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wifi-soft's UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft's UniboxControllers. An attacker can exploit a vulnerability to inject arbitrary code. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements.

Name: Remote Code Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Code Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3495

Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3497

Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 3.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3496

I have posted all the technical details, POCs and root-cause analysis here: https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/

Best Regards,

*Sahil Dhar * Information Security Consultant +91 9821544985

http://goog_555023787 [image: https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/] https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0009",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unibox",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "indionetworks",
        "version": null
      },
      {
        "model": "unibox",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wifi soft",
        "version": "0.x to  2.x"
      },
      {
        "model": "unibox controller",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "wifi soft",
        "version": "0.*,\u003c=2.*"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:indionetworks:unibox_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:indionetworks:unibox:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sahil Dhar",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "151077"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2019-3495",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2019-3495",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-00769",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-154930",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-3495",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-3495",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-00769",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-759",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-154930",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wifi-soft\u0027s UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft\u0027s UniboxControllers. An attacker can exploit a vulnerability to inject arbitrary code. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. \n\nName: Remote Code Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Code Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3495\n\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3497\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 3.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3496\n\nI have posted all the technical details, POCs and root-cause analysis here:\nhttps://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\n\n\nBest Regards,\n\n*Sahil Dhar                                  *\nInformation Security Consultant\n+91 9821544985\n\n\u003chttp://goog_555023787\u003e\n[image:\nhttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]\n\u003chttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "db": "PACKETSTORM",
        "id": "151077"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-3495",
        "trust": 3.2
      },
      {
        "db": "PACKETSTORM",
        "id": "151077",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "PACKETSTORM",
        "id": "151077"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ]
  },
  "id": "VAR-201903-0009",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:08:11.554000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "UniBox - Access Controllers",
        "trust": 0.8,
        "url": "https://wifi-soft.com/unibox-controller/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-434",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-798",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://sahildhar.github.io/blogpost/multiple-rce-vulnerabilties-in-unibox-controller-0.x-3.x/"
      },
      {
        "trust": 2.3,
        "url": "http://seclists.org/fulldisclosure/2019/jan/23"
      },
      {
        "trust": 2.3,
        "url": "http://packetstormsecurity.com/files/151077/wifi-soft-unibox-2.x-remote-command-code-injection.html"
      },
      {
        "trust": 1.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3495"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3495"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3497"
      },
      {
        "trust": 0.1,
        "url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3496"
      },
      {
        "trust": 0.1,
        "url": "http://goog_555023787\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://wifi-soft.com/unibox-controller/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "PACKETSTORM",
        "id": "151077"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "db": "PACKETSTORM",
        "id": "151077"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-01-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "date": "2019-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "date": "2019-04-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "date": "2019-01-09T09:22:22",
        "db": "PACKETSTORM",
        "id": "151077"
      },
      {
        "date": "2019-03-21T16:01:04.187000",
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "date": "2019-03-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-01-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-00769"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-154930"
      },
      {
        "date": "2019-04-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      },
      {
        "date": "2021-09-13T11:10:00.477000",
        "db": "NVD",
        "id": "CVE-2019-3495"
      },
      {
        "date": "2021-07-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Wifi-soft UniBox controller Device unrestricted upload vulnerability type file vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002852"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-759"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-3495 (GCVE-0-2019-3495)

KEVIntel

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Successful Exploitation Confidence: 70% Source: kevintel

Details

References

CNVD-2019-00769

FKIE_CVE-2019-3495

GHSA-X3P7-M76V-6JXC

GSD-2019-3495

VAR-201903-0009

Tags

Sightings

Nomenclature