VAR-200903-0547
Vulnerability from variot - Updated: 2023-12-18 12:46Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly other versions, allows remote attackers to cause a denial of service (device restart and loss of configuration) by connecting to TCP port 53, then closing the connection. Gigaset SE461 WiMAX router is prone to a denial-of-service vulnerability because it fails to adequately handle malformed requests. Successful exploits will deny service to legitimate users. Gigaset SE461 is a high-speed wireless router from Siemens. The WEB management interface of the Gigaset SE461 router does not correctly verify the request submitted by the user. An attacker could trigger the vulnerability by connecting directly to the device or using specially crafted web content
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200903-0547",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gigaset se461 wimax router",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "1.5-bl024.9.6401"
},
{
"model": "gigaset se461 wimax router 1.5-bl024.9.6401",
"scope": null,
"trust": 0.3,
"vendor": "siemens",
"version": null
},
{
"model": "1.5-bl024.9.6401",
"scope": null,
"trust": 0.2,
"vendor": "gigaset se461 wimax router",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "BID",
"id": "34220"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:gigaset_se461__wimax_router:1.5-bl024.9.6401:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1152"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benkei",
"sources": [
{
"db": "BID",
"id": "34220"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
],
"trust": 0.9
},
"cve": "CVE-2009-1152",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-1152",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-38598",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-1152",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200903-476",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-38598",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-38598"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly other versions, allows remote attackers to cause a denial of service (device restart and loss of configuration) by connecting to TCP port 53, then closing the connection. Gigaset SE461 WiMAX router is prone to a denial-of-service vulnerability because it fails to adequately handle malformed requests. \nSuccessful exploits will deny service to legitimate users. Gigaset SE461 is a high-speed wireless router from Siemens. The WEB management interface of the Gigaset SE461 router does not correctly verify the request submitted by the user. An attacker could trigger the vulnerability by connecting directly to the device or using specially crafted web content",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"db": "BID",
"id": "34220"
},
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-38598"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-38598",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38598"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1152",
"trust": 2.7
},
{
"db": "BID",
"id": "34220",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "8260",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922",
"trust": 0.8
},
{
"db": "XF",
"id": "49365",
"trust": 0.6
},
{
"db": "XF",
"id": "461",
"trust": 0.6
},
{
"db": "MILW0RM",
"id": "8260",
"trust": 0.6
},
{
"db": "IVD",
"id": "6B80E5B0-23CC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-38598",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-38598"
},
{
"db": "BID",
"id": "34220"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"id": "VAR-200903-0547",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-38598"
}
],
"trust": 0.03
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
}
]
},
"last_update_date": "2023-12-18T12:46:19.387000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://gigaset.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1152"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/34220"
},
{
"trust": 1.7,
"url": "http://helith.net/txt/siemens_gigaset_se461_wimax_router_remote_dos.txt"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/8260"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49365"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1152"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1152"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/49365"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/8260"
},
{
"trust": 0.3,
"url": "http://gigaset.com/shc/0,1935,hq_en_0_122770_rarnrnrnrn,00.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38598"
},
{
"db": "BID",
"id": "34220"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-38598"
},
{
"db": "BID",
"id": "34220"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-03-26T00:00:00",
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"date": "2009-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-38598"
},
{
"date": "2009-03-23T00:00:00",
"db": "BID",
"id": "34220"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"date": "2009-03-26T14:30:00.280000",
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"date": "2009-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-38598"
},
{
"date": "2009-03-24T12:46:00",
"db": "BID",
"id": "34220"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-005922"
},
{
"date": "2017-09-29T01:34:12.497000",
"db": "NVD",
"id": "CVE-2009-1152"
},
{
"date": "2009-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens Gigaset SE461 WiMAX Router Remote Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "6b80e5b0-23cc-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-476"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…