VAR-200607-0446
Vulnerability from variot - Updated: 2023-12-18 11:51BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfig.sh, PPP credentials via (2) btvoyager_getpppcreds.sh, and decode configuration credentials via (3) btvoyager_decoder.c. BT Voyager is prone to authentication-bypass vulnerabilities. These issues are due to a flaw in the authentication process of the affected application. Exploiting these issues may allow attackers to gain unauthorized, remote access to the application's administrative functions. BT Voyager 2091 Wireless ADSL, Firmware 2.21.05.08m_A2pB018c1.d16d, and Firmware 3.01m are reported vulnerable; other versions may also be affected. NOTE: Other precise reports have related to the \"psiBackupInfo\" and \"connect.html\" files, but these vectors were not clear in the original disclosure.
Hardcore Disassembler / Reverse Engineer
Reversing must be a passion as your skills will be challenged on a daily basis and you will be working several hours everyday in IDA, Ollydbg, and with BinDiff. Often, it is also required that you write a PoC or even a working exploit to prove that an issue is exploitable.
The problem is caused due to missing authentication checks when accessing the "psiBackupInfo" and "connect.html" files. Other versions may also be affected.
SOLUTION: Filter traffic to affected devices.
PROVIDED AND/OR DISCOVERED BY: pagvac
ORIGINAL ADVISORY: http://ikwt.dyndns.org/projects/btvoyager-getconfig.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0446",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "voyager 2091 wireless adsl router",
"scope": "lte",
"trust": 1.8,
"vendor": "bt",
"version": "2.21.05.08m_a2pb018c1.d16d"
},
{
"model": "voyager 2091 wireless adsl router",
"scope": "lte",
"trust": 1.8,
"vendor": "bt",
"version": "3.01m"
},
{
"model": "voyager 2091 wireless adsl router",
"scope": "eq",
"trust": 0.6,
"vendor": "bt",
"version": "3.01m"
},
{
"model": "voyager 2091 wireless adsl router",
"scope": "eq",
"trust": 0.6,
"vendor": "bt",
"version": "2.21.05.08m_a2pb018c1.d16d"
},
{
"model": "voyager wireless adsl router",
"scope": "eq",
"trust": 0.3,
"vendor": "bt",
"version": "20910"
},
{
"model": "3.01m",
"scope": null,
"trust": 0.3,
"vendor": "bt",
"version": null
},
{
"model": "2.21.05.08m a2pb018c",
"scope": null,
"trust": 0.3,
"vendor": "bt",
"version": null
},
{
"model": "voyager wireless adsl router 3.01m",
"scope": "eq",
"trust": 0.3,
"vendor": "bt",
"version": "2091"
},
{
"model": "voyager wireless adsl router 2.21.05.08m a2pb018c",
"scope": "eq",
"trust": 0.3,
"vendor": "bt",
"version": "2091"
}
],
"sources": [
{
"db": "BID",
"id": "19057"
},
{
"db": "BID",
"id": "82222"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bt:voyager_2091_wireless_adsl_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.01m",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:bt:voyager_2091_wireless_adsl_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.21.05.08m_a2pb018c1.d16d",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3561"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "pagvacito \u003cunknown.pentester@gmail.com\u003e reported these vulnerabilities.",
"sources": [
{
"db": "BID",
"id": "19057"
}
],
"trust": 0.3
},
"cve": "CVE-2006-3561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-3561",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-19669",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-3561",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-199",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-19669",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19669"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfig.sh, PPP credentials via (2) btvoyager_getpppcreds.sh, and decode configuration credentials via (3) btvoyager_decoder.c. BT Voyager is prone to authentication-bypass vulnerabilities. These issues are due to a flaw in the authentication process of the affected application. \nExploiting these issues may allow attackers to gain unauthorized, remote access to the application\u0027s administrative functions. \nBT Voyager 2091 Wireless ADSL, Firmware 2.21.05.08m_A2pB018c1.d16d, and Firmware 3.01m are reported vulnerable; other versions may also be affected. NOTE: Other precise reports have related to the \\\"psiBackupInfo\\\" and \\\"connect.html\\\" files, but these vectors were not clear in the original disclosure. \n\n----------------------------------------------------------------------\n\nHardcore Disassembler / Reverse Engineer\n\nReversing must be a passion as your skills will be challenged\non a daily basis and you will be working several hours\neveryday in IDA, Ollydbg, and with BinDiff. Often, it is also\nrequired that you write a PoC or even a working exploit to\nprove that an issue is exploitable. \n\nThe problem is caused due to missing authentication checks when\naccessing the \"psiBackupInfo\" and \"connect.html\" files. Other versions may also be\naffected. \n\nSOLUTION:\nFilter traffic to affected devices. \n\nPROVIDED AND/OR DISCOVERED BY:\npagvac\n\nORIGINAL ADVISORY:\nhttp://ikwt.dyndns.org/projects/btvoyager-getconfig.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "BID",
"id": "19057"
},
{
"db": "BID",
"id": "82222"
},
{
"db": "VULHUB",
"id": "VHN-19669"
},
{
"db": "PACKETSTORM",
"id": "48132"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-19669",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19669"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-3561",
"trust": 2.8
},
{
"db": "BID",
"id": "19057",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "20982",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-2734",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200607-199",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20080301 THE ROUTER HACKING CHALLENGE IS OVER!",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060716 UNAUTHENTICATED ACCESS TO BT VOYAGER CONFIG FILE AND PPP CREDENTIALS EMBEDDED IN HTML FORM",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20060708 UNAUTHENTICATED ACCESS TO BT VOYAGER CONFIG FILE",
"trust": 0.6
},
{
"db": "XF",
"id": "27652",
"trust": 0.6
},
{
"db": "BID",
"id": "82222",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "2034",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-19669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "48132",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19669"
},
{
"db": "BID",
"id": "19057"
},
{
"db": "BID",
"id": "82222"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "PACKETSTORM",
"id": "48132"
},
{
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"id": "VAR-200607-0446",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19669"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:51:13.895000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19669"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "NVD",
"id": "CVE-2006-3561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-july/047733.html"
},
{
"trust": 1.8,
"url": "http://ikwt.dyndns.org/projects/btvoyager-getconfig.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19057"
},
{
"trust": 1.7,
"url": "http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-3/"
},
{
"trust": 1.7,
"url": "http://www.gnucitizen.org/projects/router-hacking-challenge/"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20982"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/440405/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2734"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27652"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/440405/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3561"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3561"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/27652"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2734"
},
{
"trust": 0.3,
"url": "http://www.voyager.bt.com/"
},
{
"trust": 0.3,
"url": "/archive/1/440405"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10969/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20982/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19669"
},
{
"db": "BID",
"id": "19057"
},
{
"db": "BID",
"id": "82222"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "PACKETSTORM",
"id": "48132"
},
{
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19669"
},
{
"db": "BID",
"id": "19057"
},
{
"db": "BID",
"id": "82222"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"db": "PACKETSTORM",
"id": "48132"
},
{
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-13T00:00:00",
"db": "VULHUB",
"id": "VHN-19669"
},
{
"date": "2006-07-18T00:00:00",
"db": "BID",
"id": "19057"
},
{
"date": "2006-07-12T00:00:00",
"db": "BID",
"id": "82222"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"date": "2006-07-12T07:20:23",
"db": "PACKETSTORM",
"id": "48132"
},
{
"date": "2006-07-13T01:05:00",
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"date": "2006-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-19669"
},
{
"date": "2006-07-19T22:27:00",
"db": "BID",
"id": "19057"
},
{
"date": "2006-07-12T00:00:00",
"db": "BID",
"id": "82222"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-004062"
},
{
"date": "2018-10-18T16:47:59.863000",
"db": "NVD",
"id": "CVE-2006-3561"
},
{
"date": "2006-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19057"
},
{
"db": "BID",
"id": "82222"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BT Voyager 2091 Wireless Vulnerabilities that bypass the authentication process in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-004062"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-199"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…