CVE-2014-9020 (GCVE-0-2014-9020)

Vulnerability from cvelistv5 – Published: 2014-11-20 17:00 – Updated: 2024-08-06 13:33

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/archive/1/533930/100…	mailing-listx_refsource_BUGTRAQ
	http://packetstormsecurity.com/files/129016/ZTE-8…	x_refsource_MISC
	http://www.securityfocus.com/bid/70984	vdb-entryx_refsource_BID
	http://packetstormsecurity.com/files/129017/ZTE-Z…	x_refsource_MISC
	http://www.securityfocus.com/bid/70985	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/533931/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:33:13.374Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20141106 ZTE 831CII Multiple Vulnerablities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
          },
          {
            "name": "70984",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70984"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
          },
          {
            "name": "70985",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70985"
          },
          {
            "name": "zte831cii-psilan-xss(98584)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
          },
          {
            "name": "20141106 ZTE ZXDSL 831 Multiple Cross Site Scripting",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-11-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20141106 ZTE 831CII Multiple Vulnerablities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
        },
        {
          "name": "70984",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70984"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
        },
        {
          "name": "70985",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70985"
        },
        {
          "name": "zte831cii-psilan-xss(98584)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
        },
        {
          "name": "20141106 ZTE ZXDSL 831 Multiple Cross Site Scripting",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20141106 ZTE 831CII Multiple Vulnerablities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
            },
            {
              "name": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
            },
            {
              "name": "70984",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70984"
            },
            {
              "name": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
            },
            {
              "name": "70985",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70985"
            },
            {
              "name": "zte831cii-psilan-xss(98584)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
            },
            {
              "name": "20141106 ZTE ZXDSL 831 Multiple Cross Site Scripting",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9020",
    "datePublished": "2014-11-20T17:00:00",
    "dateReserved": "2014-11-20T00:00:00",
    "dateUpdated": "2024-08-06T13:33:13.374Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:zte:zxdsl_831:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40186569-78C8-44FE-8E16-435015928522\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:zte:zxdsl_831cii:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A650E89-071F-4151-A113-A68B43092ECF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de XSS en la p\\u00e1gina Quick Stats (psilan.cgi) en ZTE ZXDSL 831 y 831CII permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\\u00e9s del par\\u00e1metro domainname en una acci\\u00f3n save (guardar). NOTA: este problema fue separado (SPLIT) de CVE-2014-9021 por ADT1 debido a los diferentes productos y bases de c\\u00f3digo afectados.\"}]",
      "id": "CVE-2014-9020",
      "lastModified": "2024-11-21T02:20:06.250",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2014-11-20T17:50:08.973",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/533930/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/533931/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/70984\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/70985\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/98584\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/533930/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/533931/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/70984\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/70985\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/98584\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-9020\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-11-20T17:50:08.973\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de XSS en la p\u00e1gina Quick Stats (psilan.cgi) en ZTE ZXDSL 831 y 831CII permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro domainname en una acci\u00f3n save (guardar). NOTA: este problema fue separado (SPLIT) de CVE-2014-9021 por ADT1 debido a los diferentes productos y bases de c\u00f3digo afectados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:zte:zxdsl_831:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40186569-78C8-44FE-8E16-435015928522\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:zte:zxdsl_831cii:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A650E89-071F-4151-A113-A68B43092ECF\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/archive/1/533930/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/533931/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/70984\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/70985\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/98584\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/archive/1/533930/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/533931/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/70984\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/70985\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/98584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-7MR2-G8WF-JHRP

Vulnerability from github – Published: 2022-05-14 02:50 – Updated: 2022-05-14 02:50

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-9020"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-11-20T17:50:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases.",
  "id": "GHSA-7mr2-g8wf-jhrp",
  "modified": "2022-05-14T02:50:22Z",
  "published": "2022-05-14T02:50:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9020"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/70984"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/70985"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2014-9020

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-9020

Aliases

CVE-2014-9020

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-9020",
    "description": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases.",
    "id": "GSD-2014-9020",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2014-9020"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-9020"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases.",
      "id": "GSD-2014-9020",
      "modified": "2023-12-13T01:22:48.413167Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-9020",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20141106 ZTE 831CII Multiple Vulnerablities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
          },
          {
            "name": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
          },
          {
            "name": "70984",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/70984"
          },
          {
            "name": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
          },
          {
            "name": "70985",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/70985"
          },
          {
            "name": "zte831cii-psilan-xss(98584)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
          },
          {
            "name": "20141106 ZTE ZXDSL 831 Multiple Cross Site Scripting",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:zte:zxdsl_831cii:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:zte:zxdsl_831:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9020"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
            },
            {
              "name": "70984",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/70984"
            },
            {
              "name": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
            },
            {
              "name": "70985",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/70985"
            },
            {
              "name": "zte831cii-psilan-xss(98584)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
            },
            {
              "name": "20141106 ZTE ZXDSL 831 Multiple Cross Site Scripting",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
            },
            {
              "name": "20141106 ZTE 831CII Multiple Vulnerablities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-09T19:54Z",
      "publishedDate": "2014-11-20T17:50Z"
    }
  }
}

VAR-201411-0114

Vulnerability from variot - Updated: 2023-12-18 12:38

Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases. The ZTE 831CII is a router device. ZTE 831CII has HTML injection, cross-site request forgery, clickjacking, information disclosure, and unauthorized access vulnerabilities, allowing remote attackers to perform certain administrative operations, execute arbitrary scripts or HTML code in the browser context, or steal cookie-based authentication certificates. ZTE 831CII is prone to the following security vulnerabilities: 1. An HTML-injection vulnerability 2. A cross-site request-forgery vulnerability 3. An unspecified clickjacking vulnerability 4. An information-disclosure vulnerability 5. Other attacks are also possible. Both ZTE ZXDSL 831 and 831CII are ADSL modem (Modem) products of China ZTE Corporation. Hardcoded default misconfiguration - The modem comes with admin:admin user credintials.

Stored XSS - http://192.168.1.1/psilan.cgi?action=save&ethIpAddress=192.168.1.1&ethSubnetMask=255.255.255.0&hostname=ZXDSL83C1II&domainname=home%27;alert%280%29;//&enblUpnp=1&enblLan2=0 Any user browsing to http://192.168.1.1/main.html will have a stored xss executed!

CSRF based Stored XSS - http://192.168.1.1/adminpasswd.cgi?action=save&sysUserName=%27;alert%280%29;//&sysPassword=37F6E6F627B6 - letting an admin visit this link would result the admin username changed to ';alert(0);// also a stored XSS in the home page.

CSRF - there is no token/capcha or even current password prompt when the admin changes the password, and creditintials are sent over GET. PoC: http://192.168.1.1/adminpasswd.cgi?action=save&sysUserName=admin&sysPassword=F6C656269697 if an authenticated admin browses that link their credintials will become admin:yibelo

UI Redressing - The modem (like most modems) does not have a clickjacking protection. thus, can be used to modify settings, override admin accounts by a simple clickjack. forexample by using http://192.168.1.1/adminpasswd.html it is possible into tricking an admin submit a form with our credintials (since it doesn't require current password)

not using SSL - The modem does not use HTTPS, so anyone can use MiTM to sniff on going actions, possibly gain user credintials.

Unrestricted privileges - anyone who is connected to the modem with Telnet or tftp is root. simply telneting and authenticating as admin:admin and typing sh and echo $USER would prove that. # Exploit Title: ZTE ZXDSL 831 Multiple Cross Site Scripting

Date: 11/3/2014

Exploit Author: Paulos Yibelo

Vendor Homepage: zte.com.cn

Software Link: -

Version: -

Tested on: Windows 7

CVE :-

TR-069 Client page: Stored

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0114",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "zxdsl 831cii",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxdsl 831",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxdsl 831",
        "scope": null,
        "trust": 0.8,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxdsl 831cii",
        "scope": null,
        "trust": 0.8,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "831cii",
        "scope": null,
        "trust": 0.6,
        "vendor": "zte",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:zte:zxdsl_831cii:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:zte:zxdsl_831:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "habte.yibelo",
    "sources": [
      {
        "db": "BID",
        "id": "70984"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-9020",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2014-9020",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-08309",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-76965",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-9020",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-08309",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201411-377",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-76965",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases. The ZTE 831CII is a router device. ZTE 831CII has HTML injection, cross-site request forgery, clickjacking, information disclosure, and unauthorized access vulnerabilities, allowing remote attackers to perform certain administrative operations, execute arbitrary scripts or HTML code in the browser context, or steal cookie-based authentication certificates. ZTE 831CII is prone to the following security vulnerabilities:\n1. An HTML-injection vulnerability\n2. A cross-site request-forgery vulnerability\n3. An unspecified clickjacking vulnerability\n4. An information-disclosure vulnerability\n5. Other attacks are also possible. Both ZTE ZXDSL 831 and 831CII are ADSL modem (Modem) products of China ZTE Corporation. Hardcoded default misconfiguration - The modem comes with admin:admin user credintials. \n\nStored XSS - http://192.168.1.1/psilan.cgi?action=save\u0026ethIpAddress=192.168.1.1\u0026ethSubnetMask=255.255.255.0\u0026hostname=ZXDSL83C1II\u0026domainname=home%27;alert%280%29;//\u0026enblUpnp=1\u0026enblLan2=0\nAny user browsing to http://192.168.1.1/main.html will have a stored xss executed!\n\nCSRF based Stored XSS - http://192.168.1.1/adminpasswd.cgi?action=save\u0026sysUserName=%27;alert%280%29;//\u0026sysPassword=37F6E6F627B6 - letting an admin visit this link would result the admin username changed to \u0027;alert(0);// also a stored XSS in the home page. \n\nCSRF - there is no token/capcha or even current password prompt when the admin changes the password, and creditintials are sent over GET. PoC: http://192.168.1.1/adminpasswd.cgi?action=save\u0026sysUserName=admin\u0026sysPassword=F6C656269697\nif an authenticated admin browses that link their credintials will become admin:yibelo\n\nUI Redressing - The modem (like most modems) does not have a clickjacking protection. thus, can be used to modify settings, override admin accounts by a simple clickjack. forexample by using http://192.168.1.1/adminpasswd.html it is possible into tricking an admin submit a form with our credintials (since it doesn\u0027t require current password)\n\nnot using SSL - The modem does not use HTTPS, so anyone can use MiTM to sniff on going actions, possibly gain user credintials. \n\nUnrestricted privileges - anyone who is connected to the modem with Telnet or tftp is root. simply telneting and authenticating as admin:admin and typing sh and echo $USER would prove that. # Exploit Title: ZTE ZXDSL 831 Multiple Cross Site Scripting\n# Date: 11/3/2014\n# Exploit Author: Paulos Yibelo\n# Vendor Homepage: zte.com.cn\n# Software Link: -\n# Version: -\n# Tested on: Windows 7\n# CVE :-\n\nTR-069 Client page: Stored",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "BID",
        "id": "70984"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "db": "PACKETSTORM",
        "id": "129016"
      },
      {
        "db": "PACKETSTORM",
        "id": "129017"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-9020",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "70984",
        "trust": 2.6
      },
      {
        "db": "PACKETSTORM",
        "id": "129017",
        "trust": 1.8
      },
      {
        "db": "PACKETSTORM",
        "id": "129016",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "70985",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20141106 ZTE 831CII MULTIPLE VULNERABLITIES",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "98584",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "db": "BID",
        "id": "70984"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "PACKETSTORM",
        "id": "129016"
      },
      {
        "db": "PACKETSTORM",
        "id": "129017"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "id": "VAR-201411-0114",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:38:08.552000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://wwwen.zte.com.cn/en/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/70984"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/70985"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.com/files/129016/zte-831cii-hardcoded-credential-xss-csrf.html"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.com/files/129017/zte-zxdsl-831-cross-site-scripting.html"
      },
      {
        "trust": 1.4,
        "url": "http://www.securityfocus.com/archive/1/archive/1/533930/100/0/threaded"
      },
      {
        "trust": 1.4,
        "url": "http://www.securityfocus.com/archive/1/archive/1/533931/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9020"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9020"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/70984/"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/98584"
      },
      {
        "trust": 0.2,
        "url": "http://192.168.1.1/psilan.cgi?action=save\u0026ethipaddress=192.168.1.1\u0026ethsubnetmask=255.255.255.0\u0026hostname=zxdsl83c1ii\u0026domainname=home%27;alert%280%29;//\u0026enblupnp=1\u0026enbllan2=0"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9020"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9183"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/adminpasswd.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9019"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/main.html"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/adminpasswd.cgi?action=save\u0026sysusername=%27;alert%280%29;//\u0026syspassword=37f6e6f627b6"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/adminpasswd.cgi?action=save\u0026sysusername=admin\u0026syspassword=f6c656269697"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/tr69cfg.cgi?tr69cinformenable=1\u0026tr69cinforminterval=43200\u0026tr69cacsurl=http://acs.site.et:9090/web/tr069\u0026tr69cacsuser=cpe\u0026tr69cacspwd=cpe\u0026tr69cconnrequser=itms\u0026tr69cconnreqpwd=itms%27;alert%280%29;//\u0026tr69cnoneconnreqauth=0\u0026tr69cdebugenable=0%27;alert%280%29;//"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/tr69cfg.html"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/tr69cfg.cgi?tr69cinformenable=1\u0026tr69cinforminterval=43200\u0026tr69cacsurl=http://acs.site.et:9090/web/tr069\u0026tr69cacsuser=cpe%27;alert%280%29;//\u0026tr69cacspwd=cpe\u0026tr69cconnrequser=itms\u0026tr69cconnreqpwd=itms\u0026tr69cnoneconnreqauth=0\u0026tr69cdebugenable=0"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/tr69cfg.cgi?tr69cinformenable=1\u0026tr69cinforminterval=43200\u0026tr69cacsurl=http://acs.etc.et:9090/web/tr069%27;alert%280%29;//\u0026tr69cacsuser=cpe\u0026tr69cacspwd=cpe\u0026tr69cconnrequser=itms\u0026tr69cconnreqpwd=itms\u0026tr69cnoneconnreqauth=0\u0026tr69cdebugenable=0"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/tr69cfg.cgi?tr69cinformenable=1\u0026tr69cinforminterval=43200\u0026tr69cacsurl=http://acs.site.et:9090/web/tr069\u0026tr69cacsuser=cpe\u0026tr69cacspwd=cpe%27;alert%280%29;//\u0026tr69cconnrequser=itms\u0026tr69cconnreqpwd=itms\u0026tr69cnoneconnreqauth=0\u0026tr69cdebugenable=0"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9021"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/sntpcfg.sntp?ntp_enabled=0\u0026tmyear=2000%27lol\u0026tmmonth=01\u0026tmday=01\u0026tmhour=00\u0026tmminute=30\u0026timezone_offset=+08:00\u0026timezone=beijing,%20chongqing,%20hong%20kong,%20urumqi%22;alert%280%29;//\u0026use_dst=0\u0026enbllightsaving=0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "PACKETSTORM",
        "id": "129016"
      },
      {
        "db": "PACKETSTORM",
        "id": "129017"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "db": "BID",
        "id": "70984"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "db": "PACKETSTORM",
        "id": "129016"
      },
      {
        "db": "PACKETSTORM",
        "id": "129017"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-11-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "date": "2014-11-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "date": "2014-11-06T00:00:00",
        "db": "BID",
        "id": "70984"
      },
      {
        "date": "2014-11-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "date": "2014-11-07T16:52:33",
        "db": "PACKETSTORM",
        "id": "129016"
      },
      {
        "date": "2014-11-07T16:56:04",
        "db": "PACKETSTORM",
        "id": "129017"
      },
      {
        "date": "2014-11-20T17:50:08.973000",
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "date": "2014-11-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-11-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-08309"
      },
      {
        "date": "2018-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76965"
      },
      {
        "date": "2014-12-09T00:55:00",
        "db": "BID",
        "id": "70984"
      },
      {
        "date": "2014-11-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      },
      {
        "date": "2018-10-09T19:54:53.717000",
        "db": "NVD",
        "id": "CVE-2014-9020"
      },
      {
        "date": "2014-11-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ZTE ZXDSL 831 and  831CII of  Quick Stats Page cross-site scripting vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005571"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "xss",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "129017"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-377"
      }
    ],
    "trust": 0.7
  }
}

FKIE_CVE-2014-9020

Vulnerability from fkie_nvd - Published: 2014-11-20 17:50 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html	Exploit
cve@mitre.org	http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html	Exploit
cve@mitre.org	http://www.securityfocus.com/archive/1/533930/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/533931/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/70984
cve@mitre.org	http://www.securityfocus.com/bid/70985
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/98584
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/533930/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/533931/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70984
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/70985
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/98584

Impacted products

	Vendor	Product	Version
	zte	zxdsl_831	-
	zte	zxdsl_831cii	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zte:zxdsl_831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40186569-78C8-44FE-8E16-435015928522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:zte:zxdsl_831cii:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A650E89-071F-4151-A113-A68B43092ECF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action.  NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de XSS en la p\u00e1gina Quick Stats (psilan.cgi) en ZTE ZXDSL 831 y 831CII permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro domainname en una acci\u00f3n save (guardar). NOTA: este problema fue separado (SPLIT) de CVE-2014-9021 por ADT1 debido a los diferentes productos y bases de c\u00f3digo afectados."
    }
  ],
  "id": "CVE-2014-9020",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-11-20T17:50:08.973",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/70984"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/70985"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129016/ZTE-831CII-Hardcoded-Credential-XSS-CSRF.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129017/ZTE-ZXDSL-831-Cross-Site-Scripting.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/533930/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/533931/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/70984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/70985"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98584"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-9020 (GCVE-0-2014-9020)

GHSA-7MR2-G8WF-JHRP

GSD-2014-9020

VAR-201411-0114

Date: 11/3/2014

Exploit Author: Paulos Yibelo

Vendor Homepage: zte.com.cn

Software Link: -

Version: -

Tested on: Windows 7

CVE :-

FKIE_CVE-2014-9020

Tags

Sightings

Nomenclature