{ "id": "CVE-2019-13473", "sourceIdentifier": "cve@mitre.org", "published": "2019-09-11T19:15:11.593", "lastModified": "2024-11-21T04:24:58.320", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have an undocumented TELNET service within the BusyBox subsystem, leading to root access." }, { "lang": "es", "value": "TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt e Imperial i600 TN81HH96-g102h-g102, poseen un servicio TELNET no documentado dentro del subsistema BusyBox, conllevando al acceso root." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "baseScore": 10.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-798" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:bobs_rock_radio_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E17F5D40-3E6A-4C0B-8F28-5D96F45FE273" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:bobs_rock_radio:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF18181F-B99B-483C-B779-38C2C84179D0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:dabman_d10_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68DFF28E-E5AA-4047-AF18-A80A15EC6CEB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:dabman_d10:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF3FE4C9-6A4D-4919-9843-CCC1CB26D67A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:dabman_i30_stereo_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "254CA4AF-3CC3-4CDA-AAF5-88835F6B6BFC" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:dabman_i30_stereo:-:*:*:*:*:*:*:*", "matchCriteriaId": "65031EB4-579B-4E6D-9066-27756D021F4E" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i110_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "89245799-021A-4D8B-8539-B705BDB39E9B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i110:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC789F3B-1D46-4646-A798-8ABF326E772E" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i150_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2626170-1D7F-4B16-B6D9-D3015E2444E0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i150:-:*:*:*:*:*:*:*", "matchCriteriaId": "478E93CC-8681-4307-ABBD-1C036FBC61A4" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D91ADE9C-14DF-44F8-8310-6657482C365D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i200:-:*:*:*:*:*:*:*", "matchCriteriaId": "E20E36FC-CD25-4E84-BB9E-E3225C26252A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i200-cd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8B9F1D2-9A67-43E3-B0F2-ED657E3444F7" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i200-cd:-:*:*:*:*:*:*:*", "matchCriteriaId": "3584EFD9-E2F5-4DD2-8CB0-F4F70A095B2B" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i400_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "77C4CBB3-EE19-41FC-BD5C-22B5828D7BE4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i400:-:*:*:*:*:*:*:*", "matchCriteriaId": "F084C2EF-EDB5-444E-B41C-3D09C844C99D" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i450_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70788B50-9E5E-4246-A79D-67C0F3BFEF2D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i450:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BE2E73A-6C2A-4EE1-ADB3-B91A86BE1138" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i500-bt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "30B6A1C7-E1AB-4B3C-A074-978F147F9A2B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i500-bt:-:*:*:*:*:*:*:*", "matchCriteriaId": "B854016E-329B-470C-B0AA-6C45109EA81A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:telestar:imperial_i600_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "414960F2-B667-4949-9534-15C0D71D77DE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:telestar:imperial_i600:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E80EDE7-635A-41A9-93FD-17C3D773C3DA" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:auna:connect_100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C005B276-EA66-4AF2-AA7B-5F0F583D4B54" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:auna:connect_100:-:*:*:*:*:*:*:*", "matchCriteriaId": "2ADFE934-5C1E-4640-97D0-923A647D4A2D" } ] } ] } ], "references": [ { "url": "http://packetstormsecurity.com/files/154416/Dabman-And-Imperial-Web-Radio-Devices-Undocumented-Telnet-Backdoor.html", "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ] }, { "url": "http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html", "source": "cve@mitre.org" }, { "url": "http://seclists.org/fulldisclosure/2023/Sep/1", "source": "cve@mitre.org" }, { "url": "https://www.vulnerability-lab.com/get_content.php?id=2183", "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ] }, { "url": "http://packetstormsecurity.com/files/154416/Dabman-And-Imperial-Web-Radio-Devices-Undocumented-Telnet-Backdoor.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ] }, { "url": "http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://seclists.org/fulldisclosure/2023/Sep/1", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://www.vulnerability-lab.com/get_content.php?id=2183", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ] } ] }