mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
102 lines
3.7 KiB
JSON
102 lines
3.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2014-8654",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway hardware 1.0 with firmware CH6640-3.5.11.7-NOSH allow remote attackers to hijack the authentication of administrators for requests that (1) have unspecified impact on DDNS configuration via a request to basicDDNS.html, (2) change the wifi password via the psKey parameter to setWirelessSecurity.html, (3) add a static MAC address via the MacAddress parameter in an add_static action to setBasicDHCP1.html, or (4) enable or disable UPnP via the UPnP parameter in an apply action to setAdvancedOptions.html."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php",
|
|
"refsource": "MISC",
|
|
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php"
|
|
},
|
|
{
|
|
"name": "70762",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/70762"
|
|
},
|
|
{
|
|
"name": "113843",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/show/osvdb/113843"
|
|
},
|
|
{
|
|
"name": "cbn-ch6640ecg6640e-csrf(98329)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98329"
|
|
},
|
|
{
|
|
"name": "113842",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/show/osvdb/113842"
|
|
},
|
|
{
|
|
"name": "113841",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/show/osvdb/113841"
|
|
},
|
|
{
|
|
"name": "35075",
|
|
"refsource": "EXPLOIT-DB",
|
|
"url": "http://www.exploit-db.com/exploits/35075"
|
|
},
|
|
{
|
|
"name": "113840",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/show/osvdb/113840"
|
|
},
|
|
{
|
|
"name": "http://packetstormsecurity.com/files/128860/CBN-CH6640E-CG6640E-Wireless-Gateway-XSS-CSRF-DoS-Disclosure.html",
|
|
"refsource": "MISC",
|
|
"url": "http://packetstormsecurity.com/files/128860/CBN-CH6640E-CG6640E-Wireless-Gateway-XSS-CSRF-DoS-Disclosure.html"
|
|
}
|
|
]
|
|
}
|
|
} |