VAR-200412-0301

Vulnerability from variot - Updated: 2023-12-18 13:26

Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. It has been reported that Sweex Wireless Broadband Router/Access Point is prone to a vulnerability that may allow a remote attacker to gain unauthorized access to a vulnerable access point. It has been reported that the access point has a TFTP service running that is enabled by default. Successful exploitation of this issue may allow a remote attacker to gain access to sensitive information that could eventually allow an attacker to completely compromise the access point. Sweex Wireless Broadband Router/Access Point 11g is reported to be prone to this issue.

TITLE: Sweex Wireless Broadband Router Exposure of Configuration

SECUNIA ADVISORY ID: SA11603

VERIFY ADVISORY: http://secunia.com/advisories/11603/

CRITICAL: Moderately critical

IMPACT: Exposure of system information, Exposure of sensitive information

WHERE: From local network

OPERATING SYSTEM: Sweex Wireless Broadband Router/Access Point 11g

DESCRIPTION: Mark Janssen has reported a vulnerability in Sweex Wireless Broadband Router/Accesspoint, allowing malicious people to gain knowledge of the configuration. This allows anyone with access to the network to download configuration files, including a file containing usernames and passwords.

Reportedly, the tftp service can't be disabled.

Other Sweex products may also be affected.

SOLUTION: Do not use the device on networks with untrusted users.

PROVIDED AND/OR DISCOVERED BY: Mark Janssen



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200412-0301",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless broadband router accesspoint 802.11g",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sweex",
        "version": "lc000060"
      },
      {
        "model": "broadband router/acces point 11g",
        "scope": null,
        "trust": 0.3,
        "vendor": "sweex",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to Mark Janssen.",
    "sources": [
      {
        "db": "BID",
        "id": "10339"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2004-2455",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": true,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-10883",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-2455",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200412-545",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-10883",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. It has been reported that Sweex Wireless Broadband Router/Access Point is prone to a vulnerability that may allow a remote attacker to gain unauthorized access to a vulnerable access point.  It has been reported that the access point has a TFTP service running that is enabled by default. \nSuccessful exploitation of this issue may allow a remote attacker to gain access to sensitive information that could eventually allow an attacker to completely compromise the access point. \nSweex Wireless Broadband Router/Access Point 11g is reported to be prone to this issue. \nTITLE:\nSweex Wireless Broadband Router Exposure of Configuration\n\nSECUNIA ADVISORY ID:\nSA11603\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/11603/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nExposure of system information, Exposure of sensitive information\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nSweex Wireless Broadband Router/ Acces Point 11g\n\nDESCRIPTION:\nMark Janssen has reported a vulnerability in Sweex Wireless Broadband\nRouter/Accesspoint, allowing malicious people to gain knowledge of\nthe configuration. This allows anyone with access to the network\nto download configuration files, including a file containing\nusernames and passwords. \n\nReportedly, the tftp service can\u0027t be disabled. \n\nOther Sweex products may also be affected. \n\nSOLUTION:\nDo not use the device on networks with untrusted users. \n\nPROVIDED AND/OR DISCOVERED BY:\nMark Janssen\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "10339",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "11603",
        "trust": 1.8
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1010143",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "6109",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "16140",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20040512 SWEEX 802.11G ROUTER/ACCESSPOINT CONFIG DISCLOSURE / REMOTE CONFIG",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "6438",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-10883",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "33331",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "id": "VAR-200412-0301",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:26:07.190000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/10339"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/6109"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/alerts/2004/may/1010143.html"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/11603"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/16140"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/6438"
      },
      {
        "trust": 0.3,
        "url": "http://www.sweex.com/product.asp?pid=288"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/11603/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "date": "2004-05-13T00:00:00",
        "db": "BID",
        "id": "10339"
      },
      {
        "date": "2004-05-13T23:19:00",
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "date": "2004-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "date": "2004-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "date": "2004-05-13T00:00:00",
        "db": "BID",
        "id": "10339"
      },
      {
        "date": "2017-07-11T01:31:54.747000",
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sweex Wireless broadband router /AP Unauthorized access vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access verification error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ],
    "trust": 0.6
  }
}

