admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-17 04:00:33 +00:00
parent 932d51250e
commit 9cef84ca04
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
3 changed files with 429 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
2024/5xxx/CVE-2024-5163.json
View File

@ -1,18 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5163",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security.tecno@tecno-mobile.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TECNO",
"product": {
"product_data": [
{
"product_name": "com.transsion.carlcare",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.8.1.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.tecno.com/SRC/blogdetail/267?lang=en_US",
"refsource": "MISC",
"name": "https://security.tecno.com/SRC/blogdetail/267?lang=en_US"
},
{
"url": "https://security.tecno.com/SRC/securityUpdates",
"refsource": "MISC",
"name": "https://security.tecno.com/SRC/securityUpdates"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
}
}

280
2024/6xxx/CVE-2024-6045.json
View File

@ -1,17 +1,289 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6045",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-912: Hidden Functionality",
"cweId": "CWE-912"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-798: Use of Hard-coded Credentials",
"cweId": "CWE-798"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "D-Link",
"product": {
"product_data": [
{
"product_name": "G403",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "G415",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "G416",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "M18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "R03",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "R04",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "R12",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "R18",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.01"
}
]
}
},
{
"product_name": "E30",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.02"
}
]
}
},
{
"product_name": "M30",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.02"
}
]
}
},
{
"product_name": "M32",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.02"
}
]
}
},
{
"product_name": "M60",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.02"
}
]
}
},
{
"product_name": "R32",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.10.02"
}
]
}
},
{
"product_name": "E15",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.20.01"
}
]
}
},
{
"product_name": "R15",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "earlier",
"version_value": "1.20.01"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7879-da630-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-7879-da630-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-7880-629f5-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-7880-629f5-2.html"
},
{
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398",
"refsource": "MISC",
"name": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202406013",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please update firmware of following models to 1.10.01 or later version\uff1a<br>G403, G415, G416, M18, R03, R04, R12, R18<br><br>Please update firmware of following models to 1.10.02 or later version\uff1a <br>E30, M30, M32, M60, R32<br><br>Please update firmware of following models to 1.20.01 or later version\uff1a<br>E15, R15<br>"
}
],
"value": "Please update firmware of following models to 1.10.01 or later version\uff1a\nG403, G415, G416, M18, R03, R04, R12, R18\n\nPlease update firmware of following models to 1.10.02 or later version\uff1a \nE30, M30, M32, M60, R32\n\nPlease update firmware of following models to 1.20.01 or later version\uff1a\nE15, R15"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

97
2024/6xxx/CVE-2024-6046.json
View File

@ -1,17 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-6046",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SECOM",
"product": {
"product_data": [
{
"product_name": "WRTR-304GN-304TW-UPSC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "V02"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7881-f88ad-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-7881-f88ad-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-7882-998f5-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-7882-998f5-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202406014",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The product is no longer in surport. Please retire affected device."
}
],
"value": "The product is no longer in surport. Please retire affected device."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}