
{
"id": "CVE-2021-44124",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-28T16:15:08.240",
"lastModified": "2024-11-21T06:30:24.353",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP server does not sufficiently sanitize input data when showing data from the SD card, so an attacker can navigate through the device's file system over HTTP."
},
{
"lang": "es",
"value": "Hiby Music Hiby OS R3 Pro versiones 1.5 y 1.6, es vulnerable a un Salto de Directorio. El servidor HTTP no presenta suficiente saneo de datos de entrada cuando son mostrados datos de la tarjeta SD, un atacante puede navegar mediante el sistema de archivos del dispositivo a trav\u00e9s de HTTP"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hiby:r3_pro_firmware:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "360F76DC-ADEC-4874-9193-9637512451AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hiby:r3_pro_firmware:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "55858C47-5A39-4578-A977-3825DABF1A39"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hiby:r3_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8654EDB-EDC3-4185-8844-076139DD5260"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/feric/Findings/tree/main/Hiby/Web%20Server/Path%20Traversal",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/vext01/hiby-issues/issues/9#issuecomment-907891626",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/feric/Findings/tree/main/Hiby/Web%20Server/Path%20Traversal",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/vext01/hiby-issues/issues/9#issuecomment-907891626",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}