cvelistv5 - cve-2013-3963

▼	URL	Tags
	cve@mitre.org	http://seclists.org/fulldisclosure/2013/Jun/84

var-201310-0248

Vulnerability from variot

Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users. The telnet service in multiple Grandstream products uses a built-in account that allows remote attackers to use this account to gain unauthorized access to factory reset or upgrade firmware. Grandstream is an IP phone, network video surveillance solution vendor. There are cross-site request forgery vulnerabilities in multiple products of the Grandstream WEB interface, allowing attackers to build malicious URIs, enticing login users to resolve, and performing malicious operations in the target user context, such as adding new users. The affected products are as follows: GXV3500GXV3501GXV3504GXV3601GXV3601HD/LLGXV3611HD/LLGXV3615W/PGXV3615WP_HDGXV3651FHDGXV3662HD. Grandstream multiple IP cameras including GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, and GXV3500 are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Grandstream GXV3501 and others are network camera products of American Grandstream Networks (Grandstream) company. =============================================================================== GRANDSTREAM ==================================================================== ===============================================================================

1.Advisory Information Title: Grandstream Series Vulnerabilities Date Published: 12/06/2013 Date of last updated: 12/06/2013

2.Vulnerability Description The following vulnerability has been found in these devices: -CVE-2013-3542. Backdoor in Telnet Protocol(CAPEC-443) -CVE-2013-3962. Cross Site Scripting(CWE-79) -CVE-2013-3963. -CVE-2013-3542, CVE-2013-3962 and CVE-2013-3963. It\x92s possible others models are affected but they were not checked.

4.PoC 4.1.Backdoor in Telnet Protocol CVE-2013-3542, Backdoor in Telnet Protocol You should connect via telnet protocol to any camera affected (it's open by default). After all you should be introduce the magic string \x93 !#/ \x94 as Username and as Password. You will get the admin panel setting menu. If you type "help", the following commands are shown: ======================================================= help, quit, status, restart, restore, upgrade, tty_test ======================================================= @@@ restore (Reset settings to factory default)

The attacker can take the device control, so it's make this devices very vulnerables.

4.2.Cross Site Scripting (XSS) CVE-2013-3962, Cross Site Scripting non-persistent.

http://xx.xx.xx.xx/

4.3.Cross Site Request Forgery (CSRF) CVE-2013-3963, CSRF via GET method. A malicious user can try targeted attacks by sending a special CSRF vector. This allows you to manipulate web interface parameters. You should introduce the following URL to replicate the attack.

http://xx.xx.xx.xx/goform/usermanage?cmd=add&user.name=test3&user.password=test3&user.level=0

5.Credits -CVE-2013-3542, CVE-2013-3962 and CVE-2013-3963 were discovered by Jon\xe1s Ropero Castillo.

6.Report Timeline -2013-05-31: Students opens a ticket in order to notify the Grandstream Customer Support of the CVE-2013-3542. -2013-05-31: Grandstream team reports to the technical support to analyze the vulnerability. -2013-06-11: Students opens a ticket in order to notify the Grandstream Customer Support of the CVE-2013-3962 and CVE-2013-3963 vulnerabilities

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0248",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.6"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.3.9"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.34"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.2.3"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.38"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.16"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.11"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.7"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.27"
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "grandstream",
        "version": "1.0.4.37"
      },
      {
        "model": "gxv3501 gxv3504 ip video encoders",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "grandstream",
        "version": "/"
      },
      {
        "model": "gxv3500 ip video encoder/decoder",
        "scope": null,
        "trust": 1.2,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv series ip cameras",
        "scope": null,
        "trust": 1.2,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3601hd\\/ll",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3601",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": "1.0.4.42"
      },
      {
        "model": "gxv3611hd\\/ll",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3651fhd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3615wp hd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3615w\\/p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3662hd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv device",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": "1.0.4.43"
      },
      {
        "model": "gxv3501",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv device",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": "1.0.4.39"
      },
      {
        "model": "gxv3504",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "grandstream",
        "version": "1.0.4.43"
      },
      {
        "model": "gxv3500",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3501",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3504",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3601",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3601hd/ll",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3611hd/ll",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3615w/p",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3615wp hd",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3651fhd",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3662hd",
        "scope": null,
        "trust": 0.8,
        "vendor": "grandstream",
        "version": null
      },
      {
        "model": "gxv3662hd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3651fhd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3615wp hd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3615w/p",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3611hd/ll",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3601hd/ll",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3601",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3504",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3501",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      },
      {
        "model": "gxv3500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "grandstream",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "BID",
        "id": "60532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0.4.43",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.39:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.37:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.27:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.42:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.38:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3501:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3504:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3601:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3611hd\\/ll:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3651fhd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3662hd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3615wp_hd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3601hd\\/ll:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3615w\\/p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "JonAis Ropero Castillo",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2013-3963",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2013-3963",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2013-08565",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CNVD-2013-08564",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-63965",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-3963",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-08565",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-08564",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-258",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63965",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users. The telnet service in multiple Grandstream products uses a built-in account that allows remote attackers to use this account to gain unauthorized access to factory reset or upgrade firmware. Grandstream is an IP phone, network video surveillance solution vendor. There are cross-site request forgery vulnerabilities in multiple products of the Grandstream WEB interface, allowing attackers to build malicious URIs, enticing login users to resolve, and performing malicious operations in the target user context, such as adding new users. The affected products are as follows: GXV3500GXV3501GXV3504GXV3601GXV3601HD/LLGXV3611HD/LLGXV3615W/PGXV3615WP_HDGXV3651FHDGXV3662HD. Grandstream multiple IP cameras  including GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL,  GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, and GXV3500 are prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Grandstream GXV3501 and others are network camera products of American Grandstream Networks (Grandstream) company. ===============================================================================\nGRANDSTREAM\n====================================================================\n===============================================================================\n\n1.Advisory Information\nTitle: Grandstream Series Vulnerabilities\nDate Published: 12/06/2013\nDate of last updated: 12/06/2013\n\n2.Vulnerability Description\nThe following vulnerability has been found in these devices:\n-CVE-2013-3542. Backdoor in Telnet Protocol(CAPEC-443)\n-CVE-2013-3962. Cross Site Scripting(CWE-79)\n-CVE-2013-3963. \n-CVE-2013-3542, CVE-2013-3962 and CVE-2013-3963. \nIt\\x92s possible others models are affected but they were not checked. \n\n4.PoC\n4.1.Backdoor in Telnet Protocol\nCVE-2013-3542, Backdoor in Telnet Protocol\nYou should connect via telnet protocol to any camera affected (it\u0027s open by default). \nAfter all you should be introduce the magic string \\x93 !#/ \\x94 as Username and as Password. \nYou will get the admin panel setting menu. If you type \"help\", the following commands are shown:\n=======================================================\nhelp, quit, status, restart, restore, upgrade, tty_test\n=======================================================\n @@@ restore (Reset settings to factory default)\n\nThe attacker can take the device control, so it\u0027s make this devices very vulnerables. \n\n4.2.Cross Site Scripting (XSS)\nCVE-2013-3962, Cross Site Scripting non-persistent. \n_____________________________________________________________________________\nhttp://xx.xx.xx.xx/\u003cscript\u003ealert(123)\u003c/script\u003e\n_____________________________________________________________________________\n\n4.3.Cross Site Request Forgery (CSRF)\nCVE-2013-3963, CSRF via GET method. \nA malicious user can try targeted attacks by sending a special CSRF vector. This allows you to manipulate web interface parameters. \nYou should introduce the following URL to replicate the attack. \n_____________________________________________________________________________\nhttp://xx.xx.xx.xx/goform/usermanage?cmd=add\u0026user.name=test3\u0026user.password=test3\u0026user.level=0\n_____________________________________________________________________________\n\n5.Credits\n-CVE-2013-3542, CVE-2013-3962 and CVE-2013-3963 were discovered by Jon\\xe1s Ropero Castillo. \n\n6.Report Timeline\n-2013-05-31: Students opens a ticket in order to notify the Grandstream Customer Support of the CVE-2013-3542. \n-2013-05-31: Grandstream team reports to the technical support to analyze the vulnerability. \n-2013-06-11: Students opens a ticket in order to notify the Grandstream Customer Support of the CVE-2013-3962 and CVE-2013-3963 vulnerabilities",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "BID",
        "id": "60532"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "db": "PACKETSTORM",
        "id": "122004"
      }
    ],
    "trust": 3.15
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-63965",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3963",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "60532",
        "trust": 1.6
      },
      {
        "db": "PACKETSTORM",
        "id": "122004",
        "trust": 1.3
      },
      {
        "db": "SECUNIA",
        "id": "53763",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20130612 SECURITY ANALYSIS OF IP VIDEO SURVEILLANCE CAMERAS",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "38584",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "db": "BID",
        "id": "60532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "PACKETSTORM",
        "id": "122004"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "id": "VAR-201310-0248",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      }
    ],
    "trust": 1.9419642857142856
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      }
    ]
  },
  "last_update_date": "2023-12-18T11:23:49.714000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.grandstream.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://seclists.org/fulldisclosure/2013/jun/84"
      },
      {
        "trust": 1.2,
        "url": "http://www.secunia.com/advisories/53763/"
      },
      {
        "trust": 1.2,
        "url": "http://packetstormsecurity.com/files/122004/grandstream-backdoor-cross-site-request-forgery-cross-site-scripting.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3963"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3963"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/60532"
      },
      {
        "trust": 0.3,
        "url": "http://www.grandstream.com/index.php/products/ip-video-surveillance"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3963"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3542"
      },
      {
        "trust": 0.1,
        "url": "http://xx.xx.xx.xx/\u003cscript\u003ealert(123)\u003c/script\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://xx.xx.xx.xx/goform/usermanage?cmd=add\u0026user.name=test3\u0026user.password=test3\u0026user.level=0"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3962"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "db": "BID",
        "id": "60532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "PACKETSTORM",
        "id": "122004"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "db": "BID",
        "id": "60532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "db": "PACKETSTORM",
        "id": "122004"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-07-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "date": "2013-07-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "date": "2013-10-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "date": "2013-06-12T00:00:00",
        "db": "BID",
        "id": "60532"
      },
      {
        "date": "2013-10-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "date": "2013-06-13T06:12:41",
        "db": "PACKETSTORM",
        "id": "122004"
      },
      {
        "date": "2013-10-01T19:55:09.443000",
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-07-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-08565"
      },
      {
        "date": "2013-07-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-08564"
      },
      {
        "date": "2013-10-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63965"
      },
      {
        "date": "2013-06-12T00:00:00",
        "db": "BID",
        "id": "60532"
      },
      {
        "date": "2013-10-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      },
      {
        "date": "2013-10-02T17:14:00.363000",
        "db": "NVD",
        "id": "CVE-2013-3963"
      },
      {
        "date": "2013-10-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Grandstream Product  goform/usermanage Vulnerable to cross-site request forgery",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004459"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-258"
      }
    ],
    "trust": 0.6
  }
}

ghsa-8288-mq64-5w63

Vulnerability from github

Published

2022-05-17 05:03

Modified

2022-05-17 05:03

Details

Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-3963"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-10-01T19:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.",
  "id": "GHSA-8288-mq64-5w63",
  "modified": "2022-05-17T05:03:35Z",
  "published": "2022-05-17T05:03:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3963"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2013/Jun/84"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2013-3963

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.

Aliases

CVE-2013-3963

Aliases

CVE-2013-3963

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-3963",
    "description": "Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.",
    "id": "GSD-2013-3963",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2013-3963"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-3963"
      ],
      "details": "Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.",
      "id": "GSD-2013-3963",
      "modified": "2023-12-13T01:22:22.377748Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-3963",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20130612 Security Analysis of IP video surveillance cameras",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2013/Jun/84"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0.4.43",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.39:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.37:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.27:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.42:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.38:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:grandstream:gxv_device_firmware:1.0.2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3501:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3504:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3601:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3611hd\\/ll:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3651fhd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3662hd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3615wp_hd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3601hd\\/ll:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:grandstream:gxv3615w\\/p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-3963"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130612 Security Analysis of IP video surveillance cameras",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://seclists.org/fulldisclosure/2013/Jun/84"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2013-10-02T17:14Z",
      "publishedDate": "2013-10-01T19:55Z"
    }
  }
}

cve-2013-3963

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

cve-2013-3963

Vulnerability from cvelistv5

var-201310-0248

Vulnerability from variot

ghsa-8288-mq64-5w63

Vulnerability from github

gsd-2013-3963

Vulnerability from gsd

Tags

Sightings

Nomenclature