mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
290 lines
13 KiB
JSON
290 lines
13 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2025-3008",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Es wurde eine kritische Schwachstelle in Novastar CX40 bis 2.44.0 entdeckt. Dabei betrifft es die Funktion system/popen der Datei /usr/nova/bin/netconfig der Komponente NetFilter Utility. Durch das Beeinflussen mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Command Injection",
|
|
"cweId": "CWE-77"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Injection",
|
|
"cweId": "CWE-74"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Novastar",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "CX40",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.5"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.6"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.7"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.8"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.9"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.10"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.11"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.12"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.13"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.14"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.15"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.16"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.17"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.18"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.19"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.20"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.21"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.22"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.23"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.24"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.25"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.26"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.27"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.28"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.29"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.30"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.31"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.32"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.33"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.34"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.35"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.36"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.37"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.38"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.39"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.40"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.41"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.42"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.43"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.44"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.302058",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.302058"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.302058",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.302058"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?submit.524869",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?submit.524869"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "ninpwn (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 5.5,
|
|
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 5.5,
|
|
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 5.2,
|
|
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
|
|
}
|
|
]
|
|
}
|
|
} |