Sign-up

ID

VAR-201808-0913


CVE

CVE-2018-3879


TITLE

Samsung SmartThings Hub STH-ETH-250 In the device SQL Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-009528

DESCRIPTION

An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability. Samsung SmartThings Hub STH-ETH-250 The device includes SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungSmartThingsHub is a smart home management device from South Korea's Samsung. video-coreHTTPserver is one of the HTTP servers. An injection vulnerability exists in the credentials-handler of the video-coreHTTP server in SamsungSmartThingsHub. The vulnerability stems from the program not correctly parsing the JSON payload controlled by the user. An attacker can use the vulnerability to execute arbitrary SQL queries in the context of a video-core process by sending an HTTP request to execute arbitrary code

Trust: 2.25

sources: NVD: CVE-2018-3879 // JVNDB: JVNDB-2018-009528 // CNVD: CNVD-2018-17079 // VULHUB: VHN-133910

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

category:['home & office device']sub_category:smart home device

Trust: 0.1

category:['home & office device']sub_category:smart home controller

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2018-17079

AFFECTED PRODUCTS

vendor:samsungmodel:sth-eth-250scope:eqversion:0.20.17

Trust: 1.6

vendor:samsungmodel:smartthings hub sth-eth-250scope:eqversion:0.20.17

Trust: 0.8

vendor:samsungmodel:smartthings hubscope:eqversion:0.20.17

Trust: 0.6

sources: CNVD: CNVD-2018-17079 // JVNDB: JVNDB-2018-009528 // CNNVD: CNNVD-201807-1961 // NVD: CVE-2018-3879

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3879
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3879
value: HIGH

Trust: 1.0

NVD: CVE-2018-3879
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-17079
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201807-1961
value: HIGH

Trust: 0.6

VULHUB: VHN-133910
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-3879
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-17079
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-133910
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

talos-cna@cisco.com: CVE-2018-3879
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2018-3879
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2018-17079 // VULHUB: VHN-133910 // JVNDB: JVNDB-2018-009528 // CNNVD: CNNVD-201807-1961 // NVD: CVE-2018-3879 // NVD: CVE-2018-3879

PROBLEMTYPE DATA

problemtype:CWE-89

Trust: 1.9

sources: VULHUB: VHN-133910 // JVNDB: JVNDB-2018-009528 // NVD: CVE-2018-3879

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1961

TYPE

SQL injection

Trust: 0.6

sources: CNNVD: CNNVD-201807-1961

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-009528

PATCH
title:SmartThings Huburl:https://www.smartthings.com/products/smartthings-hub
Trust: 0.8
title:SamsungSmartThingsHubvideo-coreHTTP server injection vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/139065
Trust: 0.6
title:Samsung SmartThings Hub video-core HTTP Server injection vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82700
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-17079 // 
            
            
            
            JVNDB: JVNDB-2018-009528 // 
            
            
            
            CNNVD: CNNVD-201807-1961

EXTERNAL IDS
db:NVDid:CVE-2018-3879
Trust: 3.2
db:TALOSid:TALOS-2018-0556
Trust: 3.1
db:JVNDBid:JVNDB-2018-009528
Trust: 0.8
db:CNNVDid:CNNVD-201807-1961
Trust: 0.7
db:CNVDid:CNVD-2018-17079
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:SEEBUGid:SSVID-97441
Trust: 0.1
db:VULHUBid:VHN-133910
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2018-17079 // 
            
            
            
            VULHUB: VHN-133910 // 
            
            
            
            JVNDB: JVNDB-2018-009528 // 
            
            
            
            CNNVD: CNNVD-201807-1961 // 
            
            
            
            NVD: CVE-2018-3879

REFERENCES
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0556
Trust: 2.5
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3879
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-3879
Trust: 0.8
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0556
Trust: 0.6
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2018-17079 // 
            
            
            
            VULHUB: VHN-133910 // 
            
            
            
            JVNDB: JVNDB-2018-009528 // 
            
            
            
            CNNVD: CNNVD-201807-1961 // 
            
            
            
            NVD: CVE-2018-3879

CREDITS
Discovered by Claudio Bozzato of Cisco Talos
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201807-1961

SOURCES
db:OTHERid: - 
db:CNVDid:CNVD-2018-17079
db:VULHUBid:VHN-133910
db:JVNDBid:JVNDB-2018-009528
db:CNNVDid:CNNVD-201807-1961
db:NVDid:CVE-2018-3879

LAST UPDATE DATE
2025-01-30T21:55:26.023000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-17079date:2018-08-31T00:00:00
db:VULHUBid:VHN-133910date:2018-10-26T00:00:00
db:JVNDBid:JVNDB-2018-009528date:2018-11-21T00:00:00
db:CNNVDid:CNNVD-201807-1961date:2022-04-20T00:00:00
db:NVDid:CVE-2018-3879date:2024-11-21T04:06:13.480

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-17079date:2018-08-31T00:00:00
db:VULHUBid:VHN-133910date:2018-08-23T00:00:00
db:JVNDBid:JVNDB-2018-009528date:2018-11-21T00:00:00
db:CNNVDid:CNNVD-201807-1961date:2018-07-30T00:00:00
db:NVDid:CVE-2018-3879date:2018-08-23T15:29:00.990