Added changes using the information provided by the CNA for CVE-2018-3948.

2025-06-08 22:18:26 +00:00 · 2018-11-29 11:11:30 -05:00 · 2018-11-29 11:11:30 -05:00 · e59eca466a
commit e59eca466a
parent d2911b234a
1 changed files with 46 additions and 3 deletions
--- a/2018/3xxx/CVE-2018-3948.json
+++ b/2018/3xxx/CVE-2018-3948.json
@ -1,8 +1,32 @@
 {
   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
+      "ASSIGNER" : "psirt@cisco.com",
+      "DATE_PUBLIC" : "2018-11-19T00:00:00",
      "ID" : "CVE-2018-3948",
-      "STATE" : "RESERVED"
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "TP-Link",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "TP-Link TL-R600VPN HWv3 FRNv1.3.0 TP-Link TL-R600VPN HWv2 FRNv1.2.3"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "Cisco Systems, Inc."
+            }
+         ]
+      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
@ -11,7 +35,26 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "denial of service"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0617"
         }
      ]
   }