VAR-201709-0218
Vulnerability from variot - Updated: 2023-12-18 13:14The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain sensitive information (such as the Wi-Fi password) by leveraging knowledge of a hardware identifier, related to the Bulk Data Collection (BDC) mechanism defined in Broadband Forum technical reports. AT&T U-verse Firmware contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ArrisNVG589 and NVG599 are router products of Arris Group of the United States. AT&TU-verse is the firmware used in it. A security vulnerability exists in the AT&TU-verse9.2.2h0d83 version of ArrisNVG589 and NVG599. A remote attacker can exploit this vulnerability to obtain sensitive information (for example, a Wi-Fi password). AT&T U-verse Arris Modems are prone to following security vulnerabilities: 1. 2. An information-disclosure vulnerability 3. A command injection vulnerability 4. Failed exploit attempts may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0218",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "u-verse",
"scope": "eq",
"trust": 1.6,
"vendor": "att",
"version": "9.2.2h0d83"
},
{
"model": "u-verse",
"scope": "eq",
"trust": 0.8,
"vendor": "at t",
"version": "9.2.2h0d83"
},
{
"model": "nvg589",
"scope": "eq",
"trust": 0.6,
"vendor": "arris",
"version": "0"
},
{
"model": "nvg599",
"scope": "eq",
"trust": 0.6,
"vendor": "arris",
"version": "0"
},
{
"model": "at\u0026t u-verse 9.2.2h0d83",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "u-verse 9.2.2h0d83",
"scope": null,
"trust": 0.3,
"vendor": "at t",
"version": null
},
{
"model": "arris nvg599",
"scope": "eq",
"trust": 0.3,
"vendor": "at t",
"version": "0"
},
{
"model": "arris nvg589",
"scope": "eq",
"trust": 0.3,
"vendor": "at t",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:att:u-verse_firmware:9.2.2h0d83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:commscope:arris_nvg599:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:commscope:arris_nvg589:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nomotion",
"sources": [
{
"db": "BID",
"id": "100585"
}
],
"trust": 0.3
},
"cve": "CVE-2017-10793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-10793",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-31556",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-101151",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-10793",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-10793",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-31556",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-003",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-101151",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "VULHUB",
"id": "VHN-101151"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AT\u0026T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain sensitive information (such as the Wi-Fi password) by leveraging knowledge of a hardware identifier, related to the Bulk Data Collection (BDC) mechanism defined in Broadband Forum technical reports. AT\u0026T U-verse Firmware contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ArrisNVG589 and NVG599 are router products of Arris Group of the United States. AT\u0026TU-verse is the firmware used in it. A security vulnerability exists in the AT\u0026TU-verse9.2.2h0d83 version of ArrisNVG589 and NVG599. A remote attacker can exploit this vulnerability to obtain sensitive information (for example, a Wi-Fi password). AT\u0026amp;T U-verse Arris Modems are prone to following security vulnerabilities:\n1. \n2. An information-disclosure vulnerability\n3. A command injection vulnerability\n4. Failed exploit attempts may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "VULHUB",
"id": "VHN-101151"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-10793",
"trust": 3.4
},
{
"db": "BID",
"id": "100585",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-003",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-31556",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-101151",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "VULHUB",
"id": "VHN-101151"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"id": "VAR-201709-0218",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "VULHUB",
"id": "VHN-101151"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
}
]
},
"last_update_date": "2023-12-18T13:14:08.770000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.att.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-101151"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "NVD",
"id": "CVE-2017-10793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.nomotion.net/blog/sharknatto/"
},
{
"trust": 2.3,
"url": "https://threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100585"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10793"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10793"
},
{
"trust": 0.3,
"url": "https://www.tenable.com/blog/hardcoded-credentials-expose-customers-of-att-u-verse"
},
{
"trust": 0.3,
"url": "https://www.att.com/"
},
{
"trust": 0.3,
"url": "https://www.tenable.com/plugins/index.php?view=single\u0026id=102915"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "VULHUB",
"id": "VHN-101151"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"db": "VULHUB",
"id": "VHN-101151"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"date": "2017-09-03T00:00:00",
"db": "VULHUB",
"id": "VHN-101151"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100585"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"date": "2017-09-03T19:29:00.207000",
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"date": "2017-07-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-31556"
},
{
"date": "2017-09-13T00:00:00",
"db": "VULHUB",
"id": "VHN-101151"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100585"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007776"
},
{
"date": "2021-08-23T17:24:49.847000",
"db": "NVD",
"id": "CVE-2017-10793"
},
{
"date": "2021-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AT\u0026T U-verse Information disclosure vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007776"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-003"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…