VAR-201802-1227
Vulnerability from variot - Updated: 2023-12-18 13:24An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header. Tenda AC15 Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TendaAC15 is a wireless router product from Tenda. ** Advisory Information
Title: [CVE-2018-5767] Remote Code Execution Walkthrough on Tenda AC15 Router Blog URL: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/ Vendor: Tenda Date Published: 14/02/2018 CVE: CVE-2018-5767
** Vulnerability Summary
The vulnerability in question is caused by a buffer overflow due to unsanitised user input being passed directly to a call to sscanf.
** Vendor Response
Numerous attempts were made to contact the vendor with no success. Due to the nature of the vulnerability, offset's have been redacted from the post to prevent point and click exploitation.
** Report Timeline
Vulnerability discovered and first reported - 14/1/2018
Second attempt to make contact, further informing the vendor of the severity of the vulnerability - 18/1/2018
CVE's assigned by Mitre.org - 19/1/2018
Livechat attempt to contact vendor - 19/1/2018
Another attempt to contact vendor 23/1/2018
Further attempt to contact vendor, confirming 5 CVE's had been assigned to their product - 31/1/2018
Final contact attempted & warning of public disclosure - 8/2/2018
Public disclosure - 14/2/2018
** Credit
This vulnerability was discovered by Tim Carrington @__invictus_, part of the Fidus Information Security research team.
** References
https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/
** Disclaimer
This advisory is licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 License: http://creativecommons.org/licenses/by-nc-sa/3.0/
[https://api.salesflare.com/img/90542021a59e43879370651ba637dd97]
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-1227",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ac15",
"scope": "eq",
"trust": 1.6,
"vendor": "tendacn",
"version": "15.03.1.16"
},
{
"model": "ac15",
"scope": "eq",
"trust": 0.8,
"vendor": "tenda",
"version": "15.03.1.16"
},
{
"model": "ac15 router",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "v15.03.1.16"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tendacn:ac15_firmware:15.03.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tendacn:ac15:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5767"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tim Carrington",
"sources": [
{
"db": "PACKETSTORM",
"id": "146424"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5767",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-5767",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-07423",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-135799",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5767",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5767",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-07423",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201802-893",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-135799",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-5767",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header. Tenda AC15 Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TendaAC15 is a wireless router product from Tenda. ** Advisory Information\n\nTitle: [CVE-2018-5767] Remote Code Execution Walkthrough on Tenda AC15 Router\nBlog URL: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/\nVendor: Tenda\nDate Published: 14/02/2018\nCVE: CVE-2018-5767\n\n\n** Vulnerability Summary\n\nThe vulnerability in question is caused by a buffer overflow due to unsanitised user input being passed directly to a call to sscanf. \n\n** Vendor Response\n\nNumerous attempts were made to contact the vendor with no success. Due to the nature of the vulnerability, offset\u0027s have been redacted from the post to prevent point and click exploitation. \n\n\n** Report Timeline\n\nVulnerability discovered and first reported - 14/1/2018\n\nSecond attempt to make contact, further informing the vendor of the severity of the vulnerability - 18/1/2018\n\nCVE\u0027s assigned by Mitre.org - 19/1/2018\n\nLivechat attempt to contact vendor - 19/1/2018\n\nAnother attempt to contact vendor 23/1/2018\n\nFurther attempt to contact vendor, confirming 5 CVE\u0027s had been assigned to their product - 31/1/2018\n\nFinal contact attempted \u0026 warning of public disclosure - 8/2/2018\n\nPublic disclosure - 14/2/2018\n\n** Credit\n\nThis vulnerability was discovered by Tim Carrington @__invictus_, part of the Fidus\nInformation Security research team. \n\n\n** References\n\nhttps://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/\n\n\n** Disclaimer\n\nThis advisory is licensed under a Creative Commons Attribution Non-Commercial\nShare-Alike 3.0 License: http://creativecommons.org/licenses/by-nc-sa/3.0/\n\n\n[https://api.salesflare.com/img/90542021a59e43879370651ba637dd97]\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"db": "PACKETSTORM",
"id": "146424"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135799",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=44253",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "VULMON",
"id": "CVE-2018-5767"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5767",
"trust": 3.3
},
{
"db": "EXPLOIT-DB",
"id": "44253",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-07423",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "146424",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-97161",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-135799",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5767",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "PACKETSTORM",
"id": "146424"
},
{
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"id": "VAR-201802-1227",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "VULHUB",
"id": "VHN-135799"
}
],
"trust": 1.4462291999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
}
]
},
"last_update_date": "2023-12-18T13:24:10.282000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AC15",
"trust": 0.8,
"url": "http://tendacn.com/en/product/ac15.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "NVD",
"id": "CVE-2018-5767"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/44253/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5767"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5767"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/"
},
{
"trust": 0.1,
"url": "https://api.salesflare.com/img/90542021a59e43879370651ba637dd97]"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "PACKETSTORM",
"id": "146424"
},
{
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"db": "VULHUB",
"id": "VHN-135799"
},
{
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "PACKETSTORM",
"id": "146424"
},
{
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-135799"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"date": "2018-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"date": "2018-02-16T18:32:22",
"db": "PACKETSTORM",
"id": "146424"
},
{
"date": "2018-02-15T23:29:00.513000",
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"date": "2018-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07423"
},
{
"date": "2018-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-135799"
},
{
"date": "2018-03-15T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5767"
},
{
"date": "2018-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"date": "2018-03-15T13:25:13.937000",
"db": "NVD",
"id": "CVE-2018-5767"
},
{
"date": "2018-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenda AC15 Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002267"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-893"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…