cvelistv5 - cve-2013-4630

CVE-2013-4630 (GCVE-0-2013-4630)

Vulnerability from cvelistv5 – Published: 2013-06-20 15:00 – Updated: 2024-08-06 16:52

Summary

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.exploit-db.com/exploits/25295	exploitx_refsource_EXPLOIT-DB
	http://www.huawei.com/en/security/psirt/security-…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:52:26.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "25295",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/25295"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-11-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "25295",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/25295"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4630",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "25295",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/25295"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-4630",
    "datePublished": "2013-06-20T15:00:00",
    "dateReserved": "2013-06-20T00:00:00",
    "dateUpdated": "2024-08-06T16:52:26.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91C15137-0BE6-4A8A-BBE4-835CE9D55EED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EBC7873-F277-4567-882C-759335670BCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"422CF4F4-DC3F-45A3-9D05-ABF9DE5621AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC5201F6-1A0C-434A-8A7A-B194A89611A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7428959D-CF8A-420E-969B-97EAD38A2FB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6307C68F-931C-4D87-9CC1-B3431CAB0C11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E243DC77-196A-4B4A-B2E6-30F4B634F419\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EEED571-6638-464C-AE91-8B8DCBD87A43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BAD81D8-2385-42CE-A147-7C23AD80A693\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA95EF1E-1309-4348-B1C0-9EF668DF774F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EBEFD7D-EA06-4017-A276-8B4741C9C51F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90670CC0-1434-4DCA-8D85-0ABCF76C9A1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2445F89-743C-4A9A-AEAD-8428F0DC50AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8FE1931-1585-4E9E-971D-1DA89C4ED59A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D69F769D-C3B0-459C-92BE-57CA645AFD15\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en los router Huawei AR 150, 200, 1200, 2200, y 3200, cuando el depurado SNMPv3 est\\u00e1 habilitado, permite a atacantes remotos ejecutar c\\u00f3digo a trav\\u00e9s de peticiones SNMPv3 malformadas.\"}]",
      "id": "CVE-2013-4630",
      "lastModified": "2024-11-21T01:55:58.107",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 4.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-06-20T15:55:01.070",
      "references": "[{\"url\": \"http://www.exploit-db.com/exploits/25295\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.exploit-db.com/exploits/25295\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4630\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-06-20T15:55:01.070\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en los router Huawei AR 150, 200, 1200, 2200, y 3200, cuando el depurado SNMPv3 est\u00e1 habilitado, permite a atacantes remotos ejecutar c\u00f3digo a trav\u00e9s de peticiones SNMPv3 malformadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":7.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91C15137-0BE6-4A8A-BBE4-835CE9D55EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EBC7873-F277-4567-882C-759335670BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"422CF4F4-DC3F-45A3-9D05-ABF9DE5621AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC5201F6-1A0C-434A-8A7A-B194A89611A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7428959D-CF8A-420E-969B-97EAD38A2FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6307C68F-931C-4D87-9CC1-B3431CAB0C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E243DC77-196A-4B4A-B2E6-30F4B634F419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EEED571-6638-464C-AE91-8B8DCBD87A43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BAD81D8-2385-42CE-A147-7C23AD80A693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA95EF1E-1309-4348-B1C0-9EF668DF774F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EBEFD7D-EA06-4017-A276-8B4741C9C51F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90670CC0-1434-4DCA-8D85-0ABCF76C9A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2445F89-743C-4A9A-AEAD-8428F0DC50AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8FE1931-1585-4E9E-971D-1DA89C4ED59A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D69F769D-C3B0-459C-92BE-57CA645AFD15\"}]}]}],\"references\":[{\"url\":\"http://www.exploit-db.com/exploits/25295\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/25295\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

VAR-201306-0349

Vulnerability from variot - Updated: 2023-12-18 13:14

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests. Huawei AR series routers are Huawei's proprietary VRP-based next-generation enterprise routers that integrate routing, switching, 3G, WLAN, voice, and security functions. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application. A failed vulnerability attempt could result in a denial of service condition. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks. Huawei uses SNMPv3 for network and device management

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0349",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ar 200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 2200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 3200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 2200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 2200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 3200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 1200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 200",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 3200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar 150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar 150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar 150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar1200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar1200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar1200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar150",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar150",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar150",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar2200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar2200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar2200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar3200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r001"
      },
      {
        "model": "ar3200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r002"
      },
      {
        "model": "ar3200",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "v200r003"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "3200"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "2200"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "200"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "150"
      },
      {
        "model": "ar series routers",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "1200"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Roberto Paleari",
    "sources": [
      {
        "db": "BID",
        "id": "59662"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-4630",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.6,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-4630",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2013-04917",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "VHN-64632",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-4630",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-04917",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-410",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-64632",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests. Huawei AR series routers are Huawei\u0027s proprietary VRP-based next-generation enterprise routers that integrate routing, switching, 3G, WLAN, voice, and security functions. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application. A failed vulnerability attempt could result in a denial of service condition. Huawei Access Router (AR) is a low-end router product developed by Huawei in China. This product provides mobile and fixed network access methods, suitable for enterprise networks. Huawei uses SNMPv3 for network and device management",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      }
    ],
    "trust": 2.52
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-64632",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-4630",
        "trust": 3.4
      },
      {
        "db": "EXPLOIT-DB",
        "id": "25295",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "59662",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-78960",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "id": "VAR-201306-0349",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:14:56.604000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Huawei-SA-20130313-01",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
      },
      {
        "title": "Huawei AR Series Router SNMPv3 Remote Stack Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/33826"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/25295"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4630"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4630"
      },
      {
        "trust": 0.3,
        "url": "http://www.huawei.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "db": "BID",
        "id": "59662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-05-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "date": "2013-06-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "date": "2013-03-13T00:00:00",
        "db": "BID",
        "id": "59662"
      },
      {
        "date": "2013-06-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "date": "2013-06-20T15:55:01.070000",
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "date": "2013-06-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-05-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04917"
      },
      {
        "date": "2013-11-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64632"
      },
      {
        "date": "2015-03-19T09:49:00",
        "db": "BID",
        "id": "59662"
      },
      {
        "date": "2013-06-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      },
      {
        "date": "2013-11-03T03:34:00.850000",
        "db": "NVD",
        "id": "CVE-2013-4630"
      },
      {
        "date": "2013-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Huawei AR Router stack-based buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003089"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-410"
      }
    ],
    "trust": 0.6
  }
}

GHSA-H5PJ-VH3H-Q27R

Vulnerability from github – Published: 2022-05-17 04:58 – Updated: 2022-05-17 04:58

Details

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4630"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-06-20T15:55:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.",
  "id": "GHSA-h5pj-vh3h-q27r",
  "modified": "2022-05-17T04:58:37Z",
  "published": "2022-05-17T04:58:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4630"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/25295"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2013-4630

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

Aliases

CVE-2013-4630

Aliases

CVE-2013-4630

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4630",
    "description": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.",
    "id": "GSD-2013-4630"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4630"
      ],
      "details": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.",
      "id": "GSD-2013-4630",
      "modified": "2023-12-13T01:22:16.420766Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-4630",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "25295",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/25295"
          },
          {
            "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4630"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
            },
            {
              "name": "25295",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "http://www.exploit-db.com/exploits/25295"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-11-03T03:34Z",
      "publishedDate": "2013-06-20T15:55Z"
    }
  }
}

FKIE_CVE-2013-4630

Vulnerability from fkie_nvd - Published: 2013-06-20 15:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests.

References

URL	Tags
cve@mitre.org	http://www.exploit-db.com/exploits/25295
cve@mitre.org	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/25295
af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	ar_1200	v200r001
huawei	ar_1200	v200r002
huawei	ar_1200	v200r003
huawei	ar_150	v200r001
huawei	ar_150	v200r002
huawei	ar_150	v200r003
huawei	ar_200	v200r001
huawei	ar_200	v200r002
huawei	ar_200	v200r003
huawei	ar_2200	v200r001
huawei	ar_2200	v200r002
huawei	ar_2200	v200r003
huawei	ar_3200	v200r001
huawei	ar_3200	v200r002
huawei	ar_3200	v200r003

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:ar_1200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "91C15137-0BE6-4A8A-BBE4-835CE9D55EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_1200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EBC7873-F277-4567-882C-759335670BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_1200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "422CF4F4-DC3F-45A3-9D05-ABF9DE5621AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_150:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC5201F6-1A0C-434A-8A7A-B194A89611A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_150:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428959D-CF8A-420E-969B-97EAD38A2FB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_150:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6307C68F-931C-4D87-9CC1-B3431CAB0C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "E243DC77-196A-4B4A-B2E6-30F4B634F419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EEED571-6638-464C-AE91-8B8DCBD87A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAD81D8-2385-42CE-A147-7C23AD80A693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_2200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA95EF1E-1309-4348-B1C0-9EF668DF774F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_2200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBEFD7D-EA06-4017-A276-8B4741C9C51F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_2200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "90670CC0-1434-4DCA-8D85-0ABCF76C9A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_3200:v200r001:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2445F89-743C-4A9A-AEAD-8428F0DC50AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_3200:v200r002:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8FE1931-1585-4E9E-971D-1DA89C4ED59A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:huawei:ar_3200:v200r003:*:*:*:*:*:*:*",
              "matchCriteriaId": "D69F769D-C3B0-459C-92BE-57CA645AFD15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow on Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 debugging is enabled, allows remote attackers to execute arbitrary code via malformed SNMPv3 requests."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en los router Huawei AR 150, 200, 1200, 2200, y 3200, cuando el depurado SNMPv3 est\u00e1 habilitado, permite a atacantes remotos ejecutar c\u00f3digo a trav\u00e9s de peticiones SNMPv3 malformadas."
    }
  ],
  "id": "CVE-2013-4630",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-20T15:55:01.070",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.exploit-db.com/exploits/25295"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.exploit-db.com/exploits/25295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-260626.htm"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-4630 (GCVE-0-2013-4630)

VAR-201306-0349

GHSA-H5PJ-VH3H-Q27R

GSD-2013-4630

FKIE_CVE-2013-4630

Tags

Sightings

Nomenclature