VAR-200908-0534
Vulnerability from variot - Updated: 2022-05-17 01:492Wire HomePortal and OfficePortal are both small router devices from 2Wire. The 2Wire web interface does not properly validate the page=CD35_SETUP_01 request parameter submitted by the user to the xslt script. If the remote attacker submits a very long password1 parameter of more than 512 characters, the password can be reset and the new password will be prompted the next time you log in to the router. Multiple 2Wire routers are prone to an access-validation vulnerability because they fail to adequately authenticate users before performing certain actions. Unauthenticated attackers can leverage this issue to change the router's administrative password. Successful attacks will completely compromise affected devices. 2Wire routers prior to Firmware version 5.29.135.5 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0534",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "20715.29.51"
},
{
"model": "gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "20713.17.5"
},
{
"model": "gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "20713.7.1"
},
{
"model": "1800hw",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "5.29.51"
},
{
"model": "1800hw",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "4.25.19"
},
{
"model": "1800hw",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "3.17.5"
},
{
"model": "1800hw",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "3.7.1"
},
{
"model": "1701hg",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "5.29.51"
},
{
"model": "1701hg",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "4.25.19"
},
{
"model": "1701hg",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "3.17.5"
},
{
"model": "1701hg",
"scope": "eq",
"trust": 0.3,
"vendor": "2wire",
"version": "3.7.1"
},
{
"model": "gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "2wire",
"version": "20715.29.135.5"
},
{
"model": "1800hw",
"scope": "ne",
"trust": 0.3,
"vendor": "2wire",
"version": "5.29.135.5"
},
{
"model": "1701hg",
"scope": "ne",
"trust": 0.3,
"vendor": "2wire",
"version": "5.29.135.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
},
{
"db": "BID",
"id": "36031"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "hkm",
"sources": [
{
"db": "BID",
"id": "36031"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2009-4239",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2009-4239",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "2Wire HomePortal and OfficePortal are both small router devices from 2Wire. The 2Wire web interface does not properly validate the page=CD35_SETUP_01 request parameter submitted by the user to the xslt script. If the remote attacker submits a very long password1 parameter of more than 512 characters, the password can be reset and the new password will be prompted the next time you log in to the router. Multiple 2Wire routers are prone to an access-validation vulnerability because they fail to adequately authenticate users before performing certain actions. \nUnauthenticated attackers can leverage this issue to change the router\u0027s administrative password. Successful attacks will completely compromise affected devices. \n2Wire routers prior to Firmware version 5.29.135.5 are vulnerable",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
},
{
"db": "BID",
"id": "36031"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "36031",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2009-4239",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
},
{
"db": "BID",
"id": "36031"
}
]
},
"id": "VAR-200908-0534",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
}
]
},
"last_update_date": "2022-05-17T01:49:19.259000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\\302\\240\\302\\240\\302\\240\\302\\240\\302\\240Patch for 2Wire Router Malicious Request Password Reset Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43171"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.2wire.com"
},
{
"trust": 0.3,
"url": "/archive/1/505694"
}
],
"sources": [
{
"db": "BID",
"id": "36031"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
},
{
"db": "BID",
"id": "36031"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2009-4239"
},
{
"date": "2009-08-12T00:00:00",
"db": "BID",
"id": "36031"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2009-4239"
},
{
"date": "2009-08-21T15:56:00",
"db": "BID",
"id": "36031"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "36031"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "2Wire Router Malicious Request Password Reset Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-4239"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "36031"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…