admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-492xx/CVE-2023-49237.json

100 lines
2.8 KiB
JSON
Raw Normal View History

Auto-Update: 2024-01-09T11:00:25.566592+00:00
2024-01-09 11:00:29 +00:00
{
"id": "CVE-2023-49237",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-09T09:15:42.350",
Auto-Update: 2024-01-16T15:00:25.503898+00:00
2024-01-16 15:00:29 +00:00
"lastModified": "2024-01-16T14:51:27.687",
"vulnStatus": "Analyzed",
Auto-Update: 2024-01-09T11:00:25.566592+00:00
2024-01-09 11:00:29 +00:00
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings."
Auto-Update: 2024-01-09T15:00:24.670939+00:00
2024-01-09 15:00:28 +00:00
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en los dispositivos TRENDnet TV-IP1314PI 5.5.3 200714. La inyecci\u00f3n de comandos puede ocurrir porque davinci utiliza la funci\u00f3n del sistema para descomprimir paquetes de idiomas sin un filtrado estricto de las cadenas de URL."
Auto-Update: 2024-01-09T11:00:25.566592+00:00
2024-01-09 11:00:29 +00:00
}
],
Auto-Update: 2024-01-16T15:00:25.503898+00:00
2024-01-16 15:00:29 +00:00
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:trendnet:tv-ip1314pi_firmware:5.5.3:200714:*:*:*:*:*:*",
"matchCriteriaId": "13841547-5DE5-4FC8-B030-9B5CF2AB6AD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:trendnet:tv-ip1314pi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C52D00-1D07-4087-97A7-8691DDF76A4F"
}
]
}
]
}
],
Auto-Update: 2024-01-09T11:00:25.566592+00:00
2024-01-09 11:00:29 +00:00
"references": [
{
"url": "https://drive.google.com/file/d/1lTloBkH_7zAz1ZbFVSZnfpoPd81aPaHx/view?usp=sharing",
Auto-Update: 2024-01-16T15:00:25.503898+00:00
2024-01-16 15:00:29 +00:00
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
Auto-Update: 2024-01-09T11:00:25.566592+00:00
2024-01-09 11:00:29 +00:00
},
{
"url": "https://github.com/pcsle37/TRENDnet/blob/main/TRENDnet_vul.pdf",
Auto-Update: 2024-01-16T15:00:25.503898+00:00
2024-01-16 15:00:29 +00:00
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
Auto-Update: 2024-01-09T11:00:25.566592+00:00
2024-01-09 11:00:29 +00:00
}
]
}
Reference in New Issue Copy Permalink