Details of VAR-201403-0306

ID

VAR-201403-0306

CVE

CVE-2014-2321

TITLE

ZTE F460/F660 backdoor unauthorized access vulnerability

Trust: 1.5

sources: CNVD: CNVD-2014-01538 // BID: 65962 // CNNVD: CNNVD-201403-112

DESCRIPTION

web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials. ZTE F460/F660 cable modems contain an unauthenticated backdoor. ZTE Provided by F460/F660 Has a problem with accessing the product without authorization. ZTE Provided by F460/F660 Without authentication web_shell_cmd.gch There is an issue with access to the script.A remote attacker may execute arbitrary commands with administrator privileges for the device. ZTE of ZTE F460 and ZTE F660 contains vulnerabilities related to authorization, privileges, and access control.None. ZTE F460/F660 are cable modem products. The web_shell_cmd.gch script accepts unauthenticated commands and can be accessed from the WAN interface. ZTE F460/F660 are prone to an unauthorized-access vulnerability. This may aid in further attacks. A security vulnerability exists in the web_shell_cmd.gch script file of ZTE F460 and F660 fiber optic modems. A remote attacker can exploit this vulnerability to gain administrative privileges by sending a sendcmd request

Trust: 4.05

sources: NVD: CVE-2014-2321 // CERT/CC: VU#600724 // JVNDB: JVNDB-2014-001564 // JVNDB: JVNDB-2014-009029 // CNVD: CNVD-2014-01538 // BID: 65962 // VULHUB: VHN-70260 // VULMON: CVE-2014-2321

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-01538

AFFECTED PRODUCTS

vendor:	zte	model:	f460	scope:	-	version:	-	Trust: 2.2
vendor:	zte	model:	f660	scope:	-	version:	-	Trust: 2.2
vendor:	zte	model:	f460	scope:	eq	version:	-	Trust: 1.6
vendor:	zte	model:	f660	scope:	eq	version:	-	Trust: 1.6
vendor:	zte	model:	-	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#600724 // CNVD: CNVD-2014-01538 // JVNDB: JVNDB-2014-001564 // JVNDB: JVNDB-2014-009029 // CNNVD: CNNVD-201403-112 // NVD: CVE-2014-2321

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2014-2321
value:	HIGH
Trust: 1.6
nvd@nist.gov:	CVE-2014-2321
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2014-01538
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201403-112
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-70260
value:	HIGH
Trust: 0.1
VULMON:	CVE-2014-2321
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-2321
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.7
CNVD:	CNVD-2014-01538
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-70260
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-01538 // VULHUB: VHN-70260 // VULMON: CVE-2014-2321 // JVNDB: JVNDB-2014-001564 // JVNDB: JVNDB-2014-009029 // CNNVD: CNNVD-201403-112 // NVD: CVE-2014-2321

PROBLEMTYPE DATA

problemtype:	CWE-264	Trust: 1.9
problemtype:	Authorization / authority / access control (CWE-264) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-70260 // JVNDB: JVNDB-2014-001564 // JVNDB: JVNDB-2014-009029 // NVD: CVE-2014-2321

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-112

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201403-112

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001564

PATCH

title:	Top Page	url:	http://wwwen.zte.com.cn/en/	Trust: 0.8
title:	kenzer-templates	url:	https://github.com/Elsfa7-110/kenzer-templates	Trust: 0.1
title:	kenzer-templates	url:	https://github.com/ARPSyndicate/kenzer-templates	Trust: 0.1

sources: VULMON: CVE-2014-2321 // JVNDB: JVNDB-2014-001564

EXTERNAL IDS

db:	NVD	id:	CVE-2014-2321	Trust: 5.1
db:	CERT/CC	id:	VU#600724	Trust: 4.8
db:	BID	id:	65962	Trust: 1.7
db:	JVN	id:	JVNVU95250773	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-001564	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-009029	Trust: 0.8
db:	CNNVD	id:	CNNVD-201403-112	Trust: 0.7
db:	CNVD	id:	CNVD-2014-01538	Trust: 0.6
db:	VULHUB	id:	VHN-70260	Trust: 0.1
db:	VULMON	id:	CVE-2014-2321	Trust: 0.1

sources: CERT/CC: VU#600724 // CNVD: CNVD-2014-01538 // VULHUB: VHN-70260 // VULMON: CVE-2014-2321 // BID: 65962 // JVNDB: JVNDB-2014-001564 // JVNDB: JVNDB-2014-009029 // CNNVD: CNNVD-201403-112 // NVD: CVE-2014-2321

REFERENCES

url:	http://www.kb.cert.org/vuls/id/600724	Trust: 4.0
url:	https://community.rapid7.com/community/infosec/blog/2014/03/03/disclosure-r7-2013-18-zte-f460-and-zte-f660-webshellcmdgch-backdoor	Trust: 3.4
url:	http://www.myxzy.com/post-411.html	Trust: 3.4
url:	http://jvn.jp/vu/jvnvu95250773/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2321	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2014-2321	Trust: 0.8
url:	http://www.securityfocus.com/bid/65962	Trust: 0.7
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/elsfa7-110/kenzer-templates	Trust: 0.1

sources: CERT/CC: VU#600724 // CNVD: CNVD-2014-01538 // VULHUB: VHN-70260 // VULMON: CVE-2014-2321 // JVNDB: JVNDB-2014-001564 // JVNDB: JVNDB-2014-009029 // CNNVD: CNNVD-201403-112 // NVD: CVE-2014-2321

CREDITS

Unknown

Trust: 0.3

sources: BID: 65962

SOURCES

db:	CERT/CC	id:	VU#600724
db:	CNVD	id:	CNVD-2014-01538
db:	VULHUB	id:	VHN-70260
db:	VULMON	id:	CVE-2014-2321
db:	BID	id:	65962
db:	JVNDB	id:	JVNDB-2014-001564
db:	JVNDB	id:	JVNDB-2014-009029
db:	CNNVD	id:	CNNVD-201403-112
db:	NVD	id:	CVE-2014-2321

LAST UPDATE DATE

2024-08-14T14:46:47.946000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#600724	date:	2014-03-19T00:00:00
db:	CNVD	id:	CNVD-2014-01538	date:	2020-03-10T00:00:00
db:	VULHUB	id:	VHN-70260	date:	2014-03-11T00:00:00
db:	VULMON	id:	CVE-2014-2321	date:	2014-03-11T00:00:00
db:	BID	id:	65962	date:	2014-03-12T18:04:00
db:	JVNDB	id:	JVNDB-2014-001564	date:	2014-03-12T00:00:00
db:	JVNDB	id:	JVNDB-2014-009029	date:	2024-07-18T07:32:00
db:	CNNVD	id:	CNNVD-201403-112	date:	2014-03-12T00:00:00
db:	NVD	id:	CVE-2014-2321	date:	2014-03-11T16:22:42.157

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#600724	date:	2014-03-04T00:00:00
db:	CNVD	id:	CNVD-2014-01538	date:	2014-03-10T00:00:00
db:	VULHUB	id:	VHN-70260	date:	2014-03-11T00:00:00
db:	VULMON	id:	CVE-2014-2321	date:	2014-03-11T00:00:00
db:	BID	id:	65962	date:	2014-03-04T00:00:00
db:	JVNDB	id:	JVNDB-2014-001564	date:	2014-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2014-009029	date:	2024-07-18T00:00:00
db:	CNNVD	id:	CNNVD-201403-112	date:	2014-03-07T00:00:00
db:	NVD	id:	CVE-2014-2321	date:	2014-03-11T13:01:19.140