From eb5d5ee429e2c6c34874c9440b157a0349e46357 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 16 Apr 2025 04:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2025/37xxx/CVE-2025-37727.json | 18 ++++++ 2025/37xxx/CVE-2025-37728.json | 18 ++++++ 2025/37xxx/CVE-2025-37729.json | 18 ++++++ 2025/37xxx/CVE-2025-37730.json | 18 ++++++ 2025/37xxx/CVE-2025-37731.json | 18 ++++++ 2025/37xxx/CVE-2025-37732.json | 18 ++++++ 2025/37xxx/CVE-2025-37733.json | 18 ++++++ 2025/37xxx/CVE-2025-37734.json | 18 ++++++ 2025/37xxx/CVE-2025-37735.json | 18 ++++++ 2025/37xxx/CVE-2025-37736.json | 18 ++++++ 2025/3xxx/CVE-2025-3495.json | 86 +++++++++++++++++++++++-- 2025/3xxx/CVE-2025-3664.json | 114 +++++++++++++++++++++++++++++++-- 2025/3xxx/CVE-2025-3665.json | 114 +++++++++++++++++++++++++++++++-- 2025/3xxx/CVE-2025-3666.json | 114 +++++++++++++++++++++++++++++++-- 14 files changed, 592 insertions(+), 16 deletions(-) create mode 100644 2025/37xxx/CVE-2025-37727.json create mode 100644 2025/37xxx/CVE-2025-37728.json create mode 100644 2025/37xxx/CVE-2025-37729.json create mode 100644 2025/37xxx/CVE-2025-37730.json create mode 100644 2025/37xxx/CVE-2025-37731.json create mode 100644 2025/37xxx/CVE-2025-37732.json create mode 100644 2025/37xxx/CVE-2025-37733.json create mode 100644 2025/37xxx/CVE-2025-37734.json create mode 100644 2025/37xxx/CVE-2025-37735.json create mode 100644 2025/37xxx/CVE-2025-37736.json diff --git a/2025/37xxx/CVE-2025-37727.json b/2025/37xxx/CVE-2025-37727.json new file mode 100644 index 00000000000..d48c271cf47 --- /dev/null +++ b/2025/37xxx/CVE-2025-37727.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37727", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37728.json b/2025/37xxx/CVE-2025-37728.json new file mode 100644 index 00000000000..6e1f0c1b5e2 --- /dev/null +++ b/2025/37xxx/CVE-2025-37728.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37728", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37729.json b/2025/37xxx/CVE-2025-37729.json new file mode 100644 index 00000000000..3aa6f0a7adb --- /dev/null +++ b/2025/37xxx/CVE-2025-37729.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37729", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37730.json b/2025/37xxx/CVE-2025-37730.json new file mode 100644 index 00000000000..92f3020ef1a --- /dev/null +++ b/2025/37xxx/CVE-2025-37730.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37730", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37731.json b/2025/37xxx/CVE-2025-37731.json new file mode 100644 index 00000000000..2e48aac3933 --- /dev/null +++ b/2025/37xxx/CVE-2025-37731.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37731", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37732.json b/2025/37xxx/CVE-2025-37732.json new file mode 100644 index 00000000000..77593e645bf --- /dev/null +++ b/2025/37xxx/CVE-2025-37732.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37732", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37733.json b/2025/37xxx/CVE-2025-37733.json new file mode 100644 index 00000000000..fe5107c450b --- /dev/null +++ b/2025/37xxx/CVE-2025-37733.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37733", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37734.json b/2025/37xxx/CVE-2025-37734.json new file mode 100644 index 00000000000..8dc042d74d9 --- /dev/null +++ b/2025/37xxx/CVE-2025-37734.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37734", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37735.json b/2025/37xxx/CVE-2025-37735.json new file mode 100644 index 00000000000..4de30031574 --- /dev/null +++ b/2025/37xxx/CVE-2025-37735.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37735", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/37xxx/CVE-2025-37736.json b/2025/37xxx/CVE-2025-37736.json new file mode 100644 index 00000000000..5ca106e0047 --- /dev/null +++ b/2025/37xxx/CVE-2025-37736.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-37736", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3495.json b/2025/3xxx/CVE-2025-3495.json index da6dfdc770c..d2012573247 100644 --- a/2025/3xxx/CVE-2025-3495.json +++ b/2025/3xxx/CVE-2025-3495.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-3495", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "Delta.PSIRT@deltaww.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Delta Electronics COMMGR v1 and v2\u00a0uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", + "cweId": "CWE-338" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Delta Electronics", + "product": { + "product_data": [ + { + "product_name": "COMMGR", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00005_COMMGR%20-%20Insufficient%20Randomization%20Authentication%20Bypass_v1.pdf", + "refsource": "MISC", + "name": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00005_COMMGR%20-%20Insufficient%20Randomization%20Authentication%20Bypass_v1.pdf" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-07", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-07" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "defect": [ + "CISA" + ], + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/3xxx/CVE-2025-3664.json b/2025/3xxx/CVE-2025-3664.json index ed2048ecfa5..847e316a428 100644 --- a/2025/3xxx/CVE-2025-3664.json +++ b/2025/3xxx/CVE-2025-3664.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-3664", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in TOTOLINK A3700R 9.1.2u.5822_B20200513 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion setWiFiEasyGuestCfg der Datei /cgi-bin/cstecgi.cgi. Durch Beeinflussen mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Controls", + "cweId": "CWE-284" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TOTOLINK", + "product": { + "product_data": [ + { + "product_name": "A3700R", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.1.2u.5822_B20200513" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.304842", + "refsource": "MISC", + "name": "https://vuldb.com/?id.304842" + }, + { + "url": "https://vuldb.com/?ctiid.304842", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.304842" + }, + { + "url": "https://vuldb.com/?submit.551296", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.551296" + }, + { + "url": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setWiFiEasyGuestCfg-1cb53a41781f805f9ee3f1b2d362d3f2?pvs=4", + "refsource": "MISC", + "name": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setWiFiEasyGuestCfg-1cb53a41781f805f9ee3f1b2d362d3f2?pvs=4" + }, + { + "url": "https://www.totolink.net/", + "refsource": "MISC", + "name": "https://www.totolink.net/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "yhryhryhr (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 5.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5, + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ] } diff --git a/2025/3xxx/CVE-2025-3665.json b/2025/3xxx/CVE-2025-3665.json index 00e28b0b9ab..78087fc1556 100644 --- a/2025/3xxx/CVE-2025-3665.json +++ b/2025/3xxx/CVE-2025-3665.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-3665", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical. Affected by this vulnerability is the function setSmartQosCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "In TOTOLINK A3700R 9.1.2u.5822_B20200513 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Dabei geht es um die Funktion setSmartQosCfg der Datei /cgi-bin/cstecgi.cgi. Dank der Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Controls", + "cweId": "CWE-284" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TOTOLINK", + "product": { + "product_data": [ + { + "product_name": "A3700R", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.1.2u.5822_B20200513" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.304843", + "refsource": "MISC", + "name": "https://vuldb.com/?id.304843" + }, + { + "url": "https://vuldb.com/?ctiid.304843", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.304843" + }, + { + "url": "https://vuldb.com/?submit.551297", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.551297" + }, + { + "url": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setSmartQosCfg-1cb53a41781f80ce9b7aca2c6ff9bea4?pvs=4", + "refsource": "MISC", + "name": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setSmartQosCfg-1cb53a41781f80ce9b7aca2c6ff9bea4?pvs=4" + }, + { + "url": "https://www.totolink.net/", + "refsource": "MISC", + "name": "https://www.totolink.net/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "yhryhryhr_backup (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 5.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5, + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ] } diff --git a/2025/3xxx/CVE-2025-3666.json b/2025/3xxx/CVE-2025-3666.json index 5122fddf7fa..be1ee4597dc 100644 --- a/2025/3xxx/CVE-2025-3666.json +++ b/2025/3xxx/CVE-2025-3666.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-3666", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical. Affected by this issue is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in TOTOLINK A3700R 9.1.2u.5822_B20200513 gefunden. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion setDdnsCfg der Datei /cgi-bin/cstecgi.cgi. Dank Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Controls", + "cweId": "CWE-284" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TOTOLINK", + "product": { + "product_data": [ + { + "product_name": "A3700R", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.1.2u.5822_B20200513" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.304844", + "refsource": "MISC", + "name": "https://vuldb.com/?id.304844" + }, + { + "url": "https://vuldb.com/?ctiid.304844", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.304844" + }, + { + "url": "https://vuldb.com/?submit.551298", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.551298" + }, + { + "url": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setDdnsCfg-1cb53a41781f8001b9c0f345a120e2e7?pvs=4", + "refsource": "MISC", + "name": "https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setDdnsCfg-1cb53a41781f8001b9c0f345a120e2e7?pvs=4" + }, + { + "url": "https://www.totolink.net/", + "refsource": "MISC", + "name": "https://www.totolink.net/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "yhryhryhr_mie (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 5.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5, + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ] }