VAR-201707-0413
Vulnerability from variot - Updated: 2023-12-18 12:19HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI. HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary OS command may be executed by an attacker who can access the management screen of the product. The WebUI is one of the graphical user interfaces. An operating system command injection vulnerability exists in the WebUI in KDDIHOMESPOTCUBE2 using firmware versions 101 and earlier. A remote attacker could exploit this vulnerability to execute arbitrary operating system commands. HOME SPOT CUBE2 is prone to following security vulnerabilities: 1. A buffer-overflow vulnerability 3. Other attacks may also be possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0413",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "home spot cube 2",
"scope": "eq",
"trust": 1.6,
"vendor": "kddi",
"version": "v100"
},
{
"model": "home spot cube 2",
"scope": "eq",
"trust": 1.6,
"vendor": "kddi",
"version": "v101"
},
{
"model": "home spot cube2",
"scope": "lte",
"trust": 0.8,
"vendor": "kddi",
"version": "v101"
},
{
"model": "home spot cube2",
"scope": "lte",
"trust": 0.6,
"vendor": "kddi",
"version": "\u003c=v101"
},
{
"model": "home spot cube",
"scope": "eq",
"trust": 0.3,
"vendor": "kddi",
"version": "101"
},
{
"model": "home spot cube",
"scope": "ne",
"trust": 0.3,
"vendor": "kddi",
"version": "102"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "BID",
"id": "99282"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kddi:home_spot_cube_2_firmware:v100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:kddi:home_spot_cube_2_firmware:v101:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kddi:home_spot_cube_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2185"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc.",
"sources": [
{
"db": "BID",
"id": "99282"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
],
"trust": 0.9
},
"cve": "CVE-2017-2185",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-000137",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2017-14891",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "VHN-110388",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-000137",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-2185",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2017-000137",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-14891",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-1112",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110388",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "VULHUB",
"id": "VHN-110388"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI. HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary OS command may be executed by an attacker who can access the management screen of the product. The WebUI is one of the graphical user interfaces. An operating system command injection vulnerability exists in the WebUI in KDDIHOMESPOTCUBE2 using firmware versions 101 and earlier. A remote attacker could exploit this vulnerability to execute arbitrary operating system commands. HOME SPOT CUBE2 is prone to following security vulnerabilities:\n1. A buffer-overflow vulnerability\n3. Other attacks may also be possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "BID",
"id": "99282"
},
{
"db": "VULHUB",
"id": "VHN-110388"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVN24348065",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2017-2185",
"trust": 3.4
},
{
"db": "BID",
"id": "99282",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-14891",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-110388",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "VULHUB",
"id": "VHN-110388"
},
{
"db": "BID",
"id": "99282"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"id": "VAR-201707-0413",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "VULHUB",
"id": "VHN-110388"
}
],
"trust": 1.45
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
}
]
},
"last_update_date": "2023-12-18T12:19:42.995000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "About Firmware update for HOME SPOT CUBE2",
"trust": 0.8,
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"title": "Patch for KDDIHOMESPOTCUBE2WebUI Operating System Command Injection Vulnerability (CNVD-2017-14891)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/98208"
},
{
"title": "KDDI HOME SPOT CUBE Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=71311"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110388"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "NVD",
"id": "CVE-2017-2185"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://jvn.jp/en/jp/jvn24348065/index.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/99282"
},
{
"trust": 1.7,
"url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2185"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2185"
},
{
"trust": 0.6,
"url": "http://jvn.jp/en/jp/jvn24348065/"
},
{
"trust": 0.3,
"url": "http://www.kddi.com/english/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "VULHUB",
"id": "VHN-110388"
},
{
"db": "BID",
"id": "99282"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"db": "VULHUB",
"id": "VHN-110388"
},
{
"db": "BID",
"id": "99282"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"date": "2017-07-07T00:00:00",
"db": "VULHUB",
"id": "VHN-110388"
},
{
"date": "2017-06-22T00:00:00",
"db": "BID",
"id": "99282"
},
{
"date": "2017-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"date": "2017-07-07T13:29:00.380000",
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"date": "2017-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14891"
},
{
"date": "2017-07-14T00:00:00",
"db": "VULHUB",
"id": "VHN-110388"
},
{
"date": "2017-06-22T00:00:00",
"db": "BID",
"id": "99282"
},
{
"date": "2018-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000137"
},
{
"date": "2017-07-14T15:51:05.140000",
"db": "NVD",
"id": "CVE-2017-2185"
},
{
"date": "2017-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HOME SPOT CUBE2 vulnerable to OS command injection in WebUI",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000137"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-1112"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…