VAR-201708-0144
Vulnerability from variot - Updated: 2023-12-18 12:37ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin". ZTE ADSL ZXV10 W300 Modems are vulnerable to password management functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTEADSLZXV10W300 is an ADSL modem (Modem) product from China ZTE Corporation (ZTE). A security vulnerability exists in the ZTEADSLZXV10W300W300V2.1.0f_ER7_PE_O57 version and the W300V2.1.0h_ER7_PE_O57 version. There are security vulnerabilities in ZTE ADSL ZXV10 W300 W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57. ZTE ADSL modems - Multiple vulnerabilities
Confirmed on 2 (of multiple) software versions - W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57
1 Insufficient authorization controls
CVE-ID: CVE-2015-7257
Observed in Password Change functionality. Other functions may be vulnerable as well. 'support' is a diagnostic user with restricted privileges.
Steps to reproduce:
a. Login as user 'support' password XXX
b. Access Password Change page - http:///password.htm
c. Submit request
d. Enter the new password > old password is not requested > Submit
> Login as admin
-> Pwn!
2 Sensitive information disclosure - clear-text passwords
Displaying user information over Telnet connection, shows all valid users and their passwords in clear-text.
CVE-ID: CVE-2015-7258
Steps to reproduce:
$ telnet
Trying ...
Connected to .
Escape character is '^]'.
User Access Verification
Username: admin
Password: < admin/XXX1
$sh
ADSL#login show <-- shows user information
Username Password Priority
admin password1 2
support password2 0
admin password3 1
3 (Potential) Backdoor account feature - insecure account management
Same login account can exist on the device, multiple times, each with different priority#. It is possible to log in to device with either of the username/password combination.
CVE-ID: CVE-2015-7259
It is considered as a (redundant) login support feature.
Steps to reproduce:
$ telnet
Trying ...
Connected to .
Escape character is '^]'
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0144",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxv10 w300",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "w300v2.1.0f_er7_pe_o57"
},
{
"model": "zxv10 w300",
"scope": "eq",
"trust": 2.4,
"vendor": "zte",
"version": "w300v2.1.0h_er7_pe_o57"
},
{
"model": "adsl zxv10 w300 w300v2.1.0f er7 pe o57",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
},
{
"model": "adsl zxv10 w300 w300v2.1.0h er7 pe o57",
"scope": null,
"trust": 0.6,
"vendor": "zte",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxv10_w300_firmware:w300v2.1.0f_er7_pe_o57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:zte:zxv10_w300_firmware:w300v2.1.0h_er7_pe_o57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7257"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karn Ganeshen",
"sources": [
{
"db": "PACKETSTORM",
"id": "134336"
}
],
"trust": 0.1
},
"cve": "CVE-2015-7257",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.5,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7257",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CNVD-2017-28177",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-85218",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-7257",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7257",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-28177",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1099",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-85218",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "VULHUB",
"id": "VHN-85218"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from \"support\" to \"admin\". ZTE ADSL ZXV10 W300 Modems are vulnerable to password management functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTEADSLZXV10W300 is an ADSL modem (Modem) product from China ZTE Corporation (ZTE). A security vulnerability exists in the ZTEADSLZXV10W300W300V2.1.0f_ER7_PE_O57 version and the W300V2.1.0h_ER7_PE_O57 version. There are security vulnerabilities in ZTE ADSL ZXV10 W300 W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57. *ZTE ADSL modems - Multiple vulnerabilities*\n\nConfirmed on 2 (of multiple) software versions - *W300V2.1.0f_ER7_PE_O57\nand W300V2.1.0h_ER7_PE_O57*\n\n1 *Insufficient authorization controls*\n\n*CVE-ID*: CVE-2015-7257\n\nObserved in Password Change functionality. Other functions may be\nvulnerable as well. \u0027support\u0027 is a diagnostic user with restricted\nprivileges. \n\n\n*Steps to reproduce:*\n\na. Login as user \u0027support\u0027 password XXX\n\nb. Access Password Change page - http://\u003cIP\u003e/password.htm\n\nc. Submit request\n\nd. Enter the new password \u00ad\u003e old password is not requested \u00ad\u003e Submit\n\n\u00ad\u003e Login as admin\n\n-\u003e Pwn!\n\n\n\n2 *Sensitive information disclosure - clear-text passwords*\n\nDisplaying user information over Telnet connection, shows all valid users\nand their passwords in clear\u00ad-text. \n\n*CVE-ID*: CVE-2015-7258\n\n*Steps to reproduce:*\n\n$ telnet \u003cIP\u003e\n\nTrying \u003cIP\u003e... \n\nConnected to \u003cIP\u003e. \n\nEscape character is \u0027^]\u0027. \n\nUser Access Verification\n\nUsername: admin\n\nPassword: \u003c\u00ad\u00ad\u00ad admin/XXX1\n\n$sh\n\nADSL#login show \u003c--\u00ad\u00ad\u00ad shows user information\n\nUsername Password Priority\n\nadmin password1 2\n\nsupport password2 0\n\nadmin password3 1\n\n\n\n3 *(Potential) Backdoor account feature - **insecure account management*\n\nSame login account can exist on the device, multiple times, each with\ndifferent priority#. It is possible to log in to device with either of the\nusername/password combination. \n\n*CVE-ID*: CVE-2015-7259\n\nIt is considered as a (redundant) login support *feature*. \n\n\n*Steps to reproduce:*\n\n$ telnet \u003cIP\u003e\n\nTrying \u003cIP\u003e... \n\nConnected to \u003cIP\u003e. \n\nEscape character is \u0027^]\u0027",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "VULHUB",
"id": "VHN-85218"
},
{
"db": "PACKETSTORM",
"id": "134336"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-85218",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85218"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7257",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "38772",
"trust": 2.3
},
{
"db": "PACKETSTORM",
"id": "134336",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "134493",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1099",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-28177",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85218",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "VULHUB",
"id": "VHN-85218"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "PACKETSTORM",
"id": "134336"
},
{
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"id": "VAR-201708-0144",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "VULHUB",
"id": "VHN-85218"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
}
]
},
"last_update_date": "2023-12-18T12:37:18.842000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ZXV10 W300",
"trust": 0.8,
"url": "http://wwwen.zte.com.cn/pub/en/products/access/cpe/201111/t20111110_262340.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-640",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85218"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "NVD",
"id": "CVE-2015-7257"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://seclists.org/fulldisclosure/2015/nov/48"
},
{
"trust": 2.3,
"url": "https://www.exploit-db.com/exploits/38772/"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/134336/zte-adsl-authorization-bypass-information-disclosure.html"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/134493/zte-adsl-zxv10-w300-authorization-disclosure-backdoor.html"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7257"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7257"
},
{
"trust": 0.1,
"url": "http://\u003cip\u003e/password.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7258"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "VULHUB",
"id": "VHN-85218"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "PACKETSTORM",
"id": "134336"
},
{
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"db": "VULHUB",
"id": "VHN-85218"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"db": "PACKETSTORM",
"id": "134336"
},
{
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"date": "2017-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-85218"
},
{
"date": "2017-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"date": "2015-11-14T13:33:33",
"db": "PACKETSTORM",
"id": "134336"
},
{
"date": "2017-08-24T20:29:00.393000",
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-28177"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-85218"
},
{
"date": "2017-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007769"
},
{
"date": "2017-08-29T16:17:53.957000",
"db": "NVD",
"id": "CVE-2015-7257"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZTE ADSL ZXV10 W300 Modem password management vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007769"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1099"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…