mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
132 lines
9.3 KiB
JSON
132 lines
9.3 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "http://jvn.jp/en/jp/JVN43172719/index.html",
|
|
"refsource": "MISC",
|
|
"name": "http://jvn.jp/en/jp/JVN43172719/index.html"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://www.ntt-west.co.jp/kiki/support/flets/hgw/190626.html",
|
|
"url": "https://www.ntt-west.co.jp/kiki/support/flets/hgw/190626.html"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, RS-500KI firmware version Ver.01.00.0070 and earlier, PR-500MI/RT-500MI firmware version Ver.01.01.0014 and earlier, and RS-500MI firmware version Ver.03.01.0019 and earlier, and Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, and PR-500MI/RT-500MI firmware version Ver.01.01.0011 and earlier) allow remote attackers to hijack the authentication of administrators via unspecified vectors."
|
|
}
|
|
]
|
|
},
|
|
"data_type": "CVE",
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Hikari Denwa router/Home GateWay",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier"
|
|
},
|
|
{
|
|
"version_value": "RS-500KI firmware version Ver.01.00.0070 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-500MI/RT-500MI firmware version Ver.01.01.0014 and earlier"
|
|
},
|
|
{
|
|
"version_value": "RS-500MI firmware version Ver.03.01.0019 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"vendor_name": "Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Hikari Denwa router/Home GateWay",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier"
|
|
},
|
|
{
|
|
"version_value": "PR-500MI/RT-500MI firmware version Ver.01.01.0011 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-5986",
|
|
"ASSIGNER": "vultures@jpcert.or.jp",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"data_format": "MITRE",
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, RS-500KI firmware version Ver.01.00.0070 and earlier, PR-500MI/RT-500MI firmware version Ver.01.01.0014 and earlier, and RS-500MI firmware version Ver.03.01.0019 and earlier, and Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION PR-S300NE/RT-S300NE/RV-S340NE firmware version Ver. 19.41 and earlier, PR-S300HI/RT-S300HI/RV-S340HI firmware version Ver.19.01.0005 and earlier, PR-S300SE/RT-S300SE/RV-S340SE firmware version Ver.19.40 and earlier, PR-400NE/RT-400NE/RV-440NE firmware version Ver.7.42 and earlier, PR-400KI/RT-400KI/RV-440KI firmware version Ver.07.00.1010 and earlier, PR-400MI/RT-400MI/RV-440MI firmware version Ver. 07.00.1012 and earlier, PR-500KI/RT-500KI firmware version Ver.01.00.0090 and earlier, and PR-500MI/RT-500MI firmware version Ver.01.01.0011 and earlier) allow remote attackers to hijack the authentication of administrators via unspecified vectors."
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
} |