Sign-up

ID

VAR-201810-1093


CVE

CVE-2018-3955


TITLE

Linksys E1200 Firmware and Linksys E2500 In firmware OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013730

DESCRIPTION

An exploitable operating system command injection exists in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04). Specially crafted entries to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send an authenticated HTTP request to trigger this vulnerability. Data entered into the 'Domain Name' input field through the web portal is submitted to apply.cgi as the value to the 'wan_domain' POST parameter. The wan_domain data goes through the nvram_set process described above. When the 'preinit' binary receives the SIGHUP signal it enters a code path that calls a function named 'set_host_domain_name' from its libshared.so shared object. The BelkinLinksys E1200 and E2500 are both E-series wireless router products from Belkin

Trust: 2.25

sources: NVD: CVE-2018-3955 // JVNDB: JVNDB-2018-013730 // CNVD: CNVD-2019-22779 // VULHUB: VHN-133986

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-22779

AFFECTED PRODUCTS

vendor:linksysmodel:e1200scope:eqversion:2.0.09

Trust: 1.0

vendor:linksysmodel:e2500scope:eqversion:3.0.04

Trust: 1.0

vendor:cisco linksysmodel:e1200scope:eqversion:2.0.09

Trust: 0.8

vendor:cisco linksysmodel:e2500scope:eqversion:3.0.04

Trust: 0.8

vendor:belkinmodel:linksys e2500scope:eqversion:3.0.04

Trust: 0.6

vendor:belkinmodel:linksys e1200scope:eqversion:2.0.09

Trust: 0.6

sources: CNVD: CNVD-2019-22779 // JVNDB: JVNDB-2018-013730 // NVD: CVE-2018-3955

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3955
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3955
value: HIGH

Trust: 1.0

NVD: CVE-2018-3955
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-22779
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201810-792
value: HIGH

Trust: 0.6

VULHUB: VHN-133986
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-3955
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-22779
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-133986
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

talos-cna@cisco.com: CVE-2018-3955
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2018-3955
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2019-22779 // VULHUB: VHN-133986 // JVNDB: JVNDB-2018-013730 // CNNVD: CNNVD-201810-792 // NVD: CVE-2018-3955 // NVD: CVE-2018-3955

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-133986 // JVNDB: JVNDB-2018-013730 // NVD: CVE-2018-3955

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-792

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201810-792

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013730

PATCH
title:Top Pageurl:https://www.linksys.com/us/
Trust: 0.8
title:Patch for LinksysE1200 and E2500 Operating System Command Injection Vulnerability (CNVD-2019-22779)url:https://www.cnvd.org.cn/patchInfo/show/169115
Trust: 0.6
title:Linksys E1200  and E2500 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85865
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-22779 // 
            
            
            
            JVNDB: JVNDB-2018-013730 // 
            
            
            
            CNNVD: CNNVD-201810-792

EXTERNAL IDS
db:TALOSid:TALOS-2018-0625
Trust: 3.1
db:NVDid:CVE-2018-3955
Trust: 3.1
db:JVNDBid:JVNDB-2018-013730
Trust: 0.8
db:CNNVDid:CNNVD-201810-792
Trust: 0.7
db:CNVDid:CNVD-2019-22779
Trust: 0.6
db:VULHUBid:VHN-133986
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-22779 // 
            
            
            
            VULHUB: VHN-133986 // 
            
            
            
            JVNDB: JVNDB-2018-013730 // 
            
            
            
            CNNVD: CNNVD-201810-792 // 
            
            
            
            NVD: CVE-2018-3955

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0625
Trust: 3.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3955
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-3955
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2019-22779 // 
            
            
            
            VULHUB: VHN-133986 // 
            
            
            
            JVNDB: JVNDB-2018-013730 // 
            
            
            
            CNNVD: CNNVD-201810-792 // 
            
            
            
            NVD: CVE-2018-3955

SOURCES
db:CNVDid:CNVD-2019-22779
db:VULHUBid:VHN-133986
db:JVNDBid:JVNDB-2018-013730
db:CNNVDid:CNNVD-201810-792
db:NVDid:CVE-2018-3955

LAST UPDATE DATE
2024-11-23T22:21:54.791000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-22779date:2019-07-16T00:00:00
db:VULHUBid:VHN-133986date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2018-013730date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201810-792date:2022-04-20T00:00:00
db:NVDid:CVE-2018-3955date:2024-11-21T04:06:22.710

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-22779date:2019-07-16T00:00:00
db:VULHUBid:VHN-133986date:2018-10-17T00:00:00
db:JVNDBid:JVNDB-2018-013730date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201810-792date:2018-10-17T00:00:00
db:NVDid:CVE-2018-3955date:2018-10-17T02:29:01.593