nvd-json-data-feeds/CVE-2019/CVE-2019-164xx/CVE-2019-16412.json

{
  "id": "CVE-2019-16412",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2019-09-19T16:15:11.667",
  "lastModified": "2024-11-21T04:30:39.917",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.)"
    },
    {
      "lang": "es",
      "value": "En goform/setSysTools en los enrutadores inal\u00e1mbricos Tenda N301, los atacantes pueden desencadenar un bloqueo del dispositivo por medio de un valor wanMTU cero. (La prohibici\u00f3n de este valor cero solo es aplicado dentro de la GUI)."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "baseScore": 7.8,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:tendacn:n301_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A846CC91-CF0B-4BA4-ADA7-55C18B946A7A"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:tendacn:n301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1C74D69-820C-456E-93D6-CB1DD8755BBD"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-16412.pdf",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-16412.pdf",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}