var-201909-0235
Vulnerability from variot
Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, RS-500KI firmware version Ver.01.00.0070 and earlier, PR-500MI/RT-500MI firmware version Ver.01.01.0014 and earlier, and RS-500MI firmware version Ver.03.01.0019 and earlier, and Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, and PR-500MI/RT-500MI firmware version Ver.01.01.0011 and earlier) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. * Cross-site Scripting (CWE-79) - CVE-2019-5985 * Cross-site Request Forgery (CWE-352) - CVE-2019-5986 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. An arbitrary script may be executed on the user's web browser - CVE-2019-5985 If a user who is logging into the device accesses a specially crafted web page, unintended operations may be conducted - CVE-2019-5986. NipponTelegraphandTelephoneHikariDenwaPhoneHomeGateway is a Nippon TelegraphandTelephone company's IP telephony service for its fiber service users. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201909-0235", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "pr-s300ne", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.41" }, { "model": "rs-500mi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "03.01.0019" }, { "model": "rt-400ki", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "07.00.1010" }, { "model": "rt-s300se", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.40" }, { "model": "pr-s300se", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.40" }, { "model": "rt-400ne", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "7.42" }, { "model": "rv-s340se", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.40" }, { "model": "rt-s300hi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.01.0005" }, { "model": "pr-s300se", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.40" }, { "model": "rs-500ki", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "01.00.0070" }, { "model": "pr-s300hi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.01.0005" }, { "model": "pr-400ki", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "07.00.1010" }, { "model": "rv-s340hi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.01.0005" }, { "model": "pr-400ne", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "7.42" }, { "model": "pr-500mi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "01.01.0014" }, { "model": "pr-500mi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "01.01.0011" }, { "model": "pr-400mi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "07.00.1012" }, { "model": "rv-440ne", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "7.42" }, { "model": "rt-400ki", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "07.00.1010" }, { "model": "rt-s300ne", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.41" }, { "model": "rv-440ki", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "07.00.1010" }, { "model": "rv-440mi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "07.00.1012" }, { "model": "rt-500ki", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "01.00.0090" }, { "model": "rv-s340ne", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.41" }, { "model": "rt-400mi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "07.00.1012" }, { "model": "rv-s340se", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.40" }, { "model": "pr-500ki", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "01.00.0090" }, { "model": "pr-400mi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "07.00.1012" }, { "model": "rt-400ne", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "7.42" }, { "model": "pr-s300ne", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.41" }, { "model": "pr-400ki", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "07.00.1010" }, { "model": "pr-s300hi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.01.0005" }, { "model": "rv-s340ne", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.41" }, { "model": "rv-440ki", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "07.00.1010" }, { "model": "rt-500mi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "01.01.0014" }, { "model": "rt-s300se", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.40" }, { "model": "rt-500mi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "01.01.0011" }, { "model": "rv-440mi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "07.00.1012" }, { "model": "pr-500ki", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "01.00.0090" }, { "model": "rt-500ki", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "01.00.0090" }, { "model": "rt-s300hi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.01.0005" }, { "model": "rv-440ne", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "7.42" }, { "model": "rt-s300ne", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "19.41" }, { "model": "rt-400mi", "scope": "lte", "trust": 1.0, "vendor": "ntt east", "version": "07.00.1012" }, { "model": "rv-s340hi", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "19.01.0005" }, { "model": "pr-400ne", "scope": "lte", "trust": 1.0, "vendor": "ntt west", "version": "7.42" }, { "model": "pr-400ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.07.00.1010" }, { "model": "pr-400mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver. 07.00.1012" }, { "model": "pr-400ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.7.42" }, { "model": "pr-500ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.01.00.0090" }, { "model": "pr-500mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.01.01.0014" }, { "model": "pr-s300hi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.19.01.0005" }, { "model": "pr-s300ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver. 19.41" }, { "model": "pr-s300se", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.19.40" }, { "model": "rs-500ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.01.00.0070" }, { "model": "rs-500mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.03.01.0019" }, { "model": "rt-400ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.07.00.1010" }, { "model": "rt-400mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver. 07.00.1012" }, { "model": "rt-400ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.7.42" }, { "model": "rt-500ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.01.00.0090" }, { "model": "rt-500mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.01.01.0014" }, { "model": "rt-s300hi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.19.01.0005" }, { "model": "rt-s300ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver. 19.41" }, { "model": "rt-s300se", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.19.40" }, { "model": "rv-440ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.07.00.1010" }, { "model": "rv-440mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver. 07.00.1012" }, { "model": "rv-440ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.7.42" }, { "model": "rv-s340hi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.19.01.0005" }, { "model": "rv-s340ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver. 19.41" }, { "model": "rv-s340se", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone east", "version": "firmware version ver.19.40" }, { "model": "pr-400ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.07.00.1010" }, { "model": "pr-400mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver. 07.00.1012" }, { "model": "pr-400ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.7.42" }, { "model": "pr-500ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.01.00.0090" }, { "model": "pr-500mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.01.01.0011" }, { "model": "pr-s300hi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.19.01.0005" }, { "model": "pr-s300ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver. 19.41" }, { "model": "pr-s300se", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.19.40" }, { "model": "rt-400ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.07.00.1010" }, { "model": "rt-400mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver. 07.00.1012" }, { "model": "rt-400ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.7.42" }, { "model": "rt-500ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.01.00.0090" }, { "model": "rt-500mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.01.01.0011" }, { "model": "rt-s300hi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.19.01.0005" }, { "model": "rt-s300ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver. 19.41" }, { "model": "rt-s300se", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.19.40" }, { "model": "rv-440ki", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.07.00.1010" }, { "model": "rv-440mi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver. 07.00.1012" }, { "model": "rv-440ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.7.42" }, { "model": "rv-s340hi", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.19.01.0005" }, { "model": "rv-s340ne", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver. 19.41" }, { "model": "rv-s340se", "scope": "lte", "trust": 0.8, "vendor": "nippon telegraph and telephone west", "version": "firmware version ver.19.40" }, { "model": "pr-s300ne/rt-s300ne/rv-s340ne", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=19.41" }, { "model": "pr-s300hi/rt-s300hi/rv-s340hi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=19.01.0005" }, { "model": "pr-s300se/rt-s300se/rv-s340se", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=19.40" }, { "model": "pr-400ne/rt-400ne/rv-440ne", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=7.42" }, { "model": "pr-400ki/rt-400ki/rv-440ki", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=07.00.1010" }, { "model": "pr-400mi/rt-400mi/rv-440mi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=07.00.1012" }, { "model": "pr-500ki/rt-500ki", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=01.00.0090" }, { "model": "rs-500ki", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=01.00.0070" }, { "model": "pr-500mi/rt-500mi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=01.01.0014" }, { "model": "rs-500mi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone east", "version": "\u003c=03.01.0019" }, { "model": "pr-s300ne/rt-s300ne/rv-s340ne", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=19.41" }, { "model": "pr-s300hi/rt-s300hi/rv-s340hi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=19.01.0005" }, { "model": "pr-s300se/rt-s300se/rv-s340se", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=19.40" }, { "model": "pr-400ne/rt-400ne/rv-440ne", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=7.42" }, { "model": "pr-400ki/rt-400ki/rv-440ki", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=07.00.1010" }, { "model": "pr-400mi/rt-400mi/rv-440mi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=07.00.1012" }, { "model": "pr-500ki/rt-500ki", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=01.00.0090" }, { "model": "pr-500mi/rt-500mi", "scope": "lte", "trust": 0.6, "vendor": "nippon telegraph and telephone west", "version": "\u003c=01.01.0011" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "NVD", "id": "CVE-2019-5985" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-s300ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.41", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-s300ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-s300ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.41", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-s300ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rv-s340ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.41", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rv-s340ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-s300hi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.01.0005", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-s300hi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-s300hi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.01.0005", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-s300hi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rv-s340hi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.01.0005", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rv-s340hi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-s300se_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-s300se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-s300se_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-s300se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rv-s340se_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rv-s340se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-400ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.42", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-400ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-400ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.42", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-400ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rv-440ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.42", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rv-440ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-400ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1010", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-400ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-400ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1010", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-400ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rv-440ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1010", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rv-440ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-400mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1012", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-400mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-400mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1012", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-400mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rv-440mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1012", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rv-440mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-500ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.00.0090", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-500ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-500ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.00.0090", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-500ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rs-500ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.00.0070", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rs-500ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:pr-500mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.01.0014", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:pr-500mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rt-500mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.01.0014", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rt-500mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-east:rs-500mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "03.01.0019", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-east:rs-500mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-s300ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.41", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-s300ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-s300ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.41", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-s300ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rv-s340ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.41", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rv-s340ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-s300hi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.01.0005", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-s300hi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-s300hi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.01.0005", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-s300hi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rv-s340hi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.01.0005", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rv-s340hi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-s300se_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-s300se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-s300se_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-s300se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rv-s340se_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rv-s340se:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-400ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.42", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-400ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-400ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.42", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-400ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rv-440ne_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.42", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rv-440ne:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-400ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1010", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-400ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-400ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1010", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-400ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rv-440ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1010", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rv-440ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-400mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1012", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-400mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-400mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1012", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-400mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rv-440mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "07.00.1012", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rv-440mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-500ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.00.0090", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-500ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-500ki_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.00.0090", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-500ki:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:pr-500mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.01.0011", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:pr-500mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ntt-west:rt-500mi_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "01.01.0011", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:ntt-west:rt-500mi:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-5985" } ] }, "cve": "CVE-2019-5985", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-000043", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "High", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "None", "baseScore": 2.6, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-000043", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2019-22850", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-157420", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2019-5985", "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "JVNDB-2019-000043", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "IPA", "availabilityImpact": "None", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-000043", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "IPA", "id": "JVNDB-2019-000043", "trust": 1.6, "value": "Medium" }, { "author": "NVD", "id": "CVE-2019-5985", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2019-22850", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201906-1067", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-157420", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2019-5985", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "VULHUB", "id": "VHN-157420" }, { "db": "VULMON", "id": "CVE-2019-5985" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "NVD", "id": "CVE-2019-5985" }, { "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, RS-500KI firmware version Ver.01.00.0070 and earlier, PR-500MI/RT-500MI firmware version Ver.01.01.0014 and earlier, and RS-500MI firmware version Ver.03.01.0019 and earlier, and Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, and PR-500MI/RT-500MI firmware version Ver.01.01.0011 and earlier) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. * Cross-site Scripting (CWE-79) - CVE-2019-5985 * Cross-site Request Forgery (CWE-352) - CVE-2019-5986 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. *An arbitrary script may be executed on the user\u0027s web browser - CVE-2019-5985 *If a user who is logging into the device accesses a specially crafted web page, unintended operations may be conducted - CVE-2019-5986. NipponTelegraphandTelephoneHikariDenwaPhoneHomeGateway is a Nippon TelegraphandTelephone company\u0027s IP telephony service for its fiber service users. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code", "sources": [ { "db": "NVD", "id": "CVE-2019-5985" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "VULHUB", "id": "VHN-157420" }, { "db": "VULMON", "id": "CVE-2019-5985" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-5985", "trust": 3.2 }, { "db": "JVN", "id": "JVN43172719", "trust": 3.2 }, { "db": "JVNDB", "id": "JVNDB-2019-000043", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-201906-1067", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2019-22850", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-157420", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-5985", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "VULHUB", "id": "VHN-157420" }, { "db": "VULMON", "id": "CVE-2019-5985" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "NVD", "id": "CVE-2019-5985" }, { "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "id": "VAR-201909-0235", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "VULHUB", "id": "VHN-157420" } ], "trust": 0.06999999999999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" } ] }, "last_update_date": "2023-12-18T12:35:59.806000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": " NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION website", "trust": 0.8, "url": "https://web116.jp/ced/support/news/contents/2019/20190626.html" }, { "title": "NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION website", "trust": 0.8, "url": "https://www.ntt-west.co.jp/kiki/support/flets/hgw/190626.html" }, { "title": "Patch of NipponTelegraphandTelephoneHikariDenwaPhoneHomeGateway Cross-Site Scripting Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/169193" }, { "title": "Nippon Telegraph and Telephone Hikari Denwa Phone Home Gateway Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112900" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 }, { "problemtype": "CWE-352", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-157420" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "NVD", "id": "CVE-2019-5985" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://jvn.jp/en/jp/jvn43172719/index.html" }, { "trust": 1.8, "url": "https://www.ntt-west.co.jp/kiki/support/flets/hgw/190626.html" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5985" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5985" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5986" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5986" }, { "trust": 0.6, "url": "https://jvn.jp/en/jp/jvn43172719/" }, { "trust": 0.6, "url": "https://jvndb.jvn.jp/en/contents/2019/jvndb-2019-000043.html" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/79.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "VULHUB", "id": "VHN-157420" }, { "db": "VULMON", "id": "CVE-2019-5985" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "NVD", "id": "CVE-2019-5985" }, { "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "VULHUB", "id": "VHN-157420" }, { "db": "VULMON", "id": "CVE-2019-5985" }, { "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "db": "NVD", "id": "CVE-2019-5985" }, { "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-07-17T00:00:00", "db": "CNVD", "id": "CNVD-2019-22850" }, { "date": "2019-09-12T00:00:00", "db": "VULHUB", "id": "VHN-157420" }, { "date": "2019-09-12T00:00:00", "db": "VULMON", "id": "CVE-2019-5985" }, { "date": "2019-06-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "date": "2019-09-12T17:15:13.920000", "db": "NVD", "id": "CVE-2019-5985" }, { "date": "2019-06-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-07-23T00:00:00", "db": "CNVD", "id": "CNVD-2019-22850" }, { "date": "2019-09-16T00:00:00", "db": "VULHUB", "id": "VHN-157420" }, { "date": "2019-09-16T00:00:00", "db": "VULMON", "id": "CVE-2019-5985" }, { "date": "2019-10-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-000043" }, { "date": "2019-09-16T17:44:28.980000", "db": "NVD", "id": "CVE-2019-5985" }, { "date": "2020-03-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201906-1067" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Nippon Telegraph and Telephone Hikari Denwa Phone Home Gateway Cross-Site Scripting Vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2019-22850" }, { "db": "CNNVD", "id": "CNNVD-201906-1067" } ], "trust": 1.2 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201906-1067" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.