mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
248 lines
8.3 KiB
JSON
248 lines
8.3 KiB
JSON
{
|
|
"id": "CVE-2016-5676",
|
|
"sourceIdentifier": "cret@cert.org",
|
|
"published": "2016-08-31T15:59:02.657",
|
|
"lastModified": "2017-09-03T01:29:10.657",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "cgi-bin/cgi_system en NUUO NVRmini 2 1.7.5 hasta la versi\u00f3n 2.x, NUUO NVRsolo 1.7.5 hasta la versi\u00f3n 2.x y NETGEAR ReadyNAS Surveillance 1.1.1 hasta la versi\u00f3n 1.4.1 permite a atacantes remotos reiniciar la contrase\u00f1a de administrador a trav\u00e9s de una acci\u00f3n cmd=loaddefconfig."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-285"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E9350713-FE2D-4E0B-9F8C-DC75D39DBE94"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EA1225D7-C268-4343-9988-7A75416B9860"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.2.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B4596B86-FE04-4EF0-B2B0-DEA2F435FF19"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.3.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "000CBDBE-2C3C-4502-86A7-C3D098DE3C5B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.3.2.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2FA3A6C7-3EB1-466F-A2A4-C221821D1811"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B7D6B8FE-33D3-4080-BFF4-7EE8E2554CFC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44FC066D-B18D-4BC3-B43B-AA83EB186C7D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:netgear:readynas_surveillance:1.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D335E352-75D8-4A05-A040-2543B2B016DF"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:1.75:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E652B5F9-1A30-4830-A6C3-666998D29225"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C09EB9FB-26CB-4A2D-9113-882D80BC9BBD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D76A17A-872C-4281-8525-BA9388F181F8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DDEC215A-2E41-4CF6-BB86-BC472CDDC9AD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0EF7E86B-2D6D-41B2-B676-D963FAF622A8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C23EF235-9834-48E7-8B92-AE0EE0F461B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.1.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE643FA9-EF8E-43A3-8E0C-819EC434040F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.7.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4347D1E4-E162-462E-9A30-2DF79A0010EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.7.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "20B9E362-D36F-49BC-B695-46796662A3F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:2.3.9.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "51998757-3AAB-40E4-BDAB-B027843F1DBE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrsolo:3.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EBCF388E-9FBD-4A85-9BA6-0DF7C85632EC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrmini_2:1.7.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F373AAC-B792-45AB-B4FE-37FC6A91DE7B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrmini_2:1.7.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9BD02ABB-65FF-4F08-9C99-69BB03A2AE07"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrmini_2:2.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "949274A8-E85A-4344-A4F2-2E038B877874"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrmini_2:2.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AD3D600A-4E84-416C-BAAE-70684DCFD15E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:nuuo:nvrmini_2:3.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1EA286A6-CCCD-419A-B9DC-10F4B59FF2FB"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.kb.cert.org/vuls/id/856152",
|
|
"source": "cret@cert.org",
|
|
"tags": [
|
|
"US Government Resource",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/92318",
|
|
"source": "cret@cert.org"
|
|
},
|
|
{
|
|
"url": "https://www.exploit-db.com/exploits/40200/",
|
|
"source": "cret@cert.org"
|
|
}
|
|
]
|
|
} |