Sign-up

ID

VAR-201905-0652


CVE

CVE-2017-18369


TITLE

Billion 5200W-T Command injection vulnerability in routers

Trust: 0.8

sources: JVNDB: JVNDB-2017-014438

DESCRIPTION

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the adv_remotelog.asp page and can be exploited through the syslogServerAddr parameter. Billion Electric 5200W-T is a wireless router produced by British company Billion Electric. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands

Trust: 1.8

sources: NVD: CVE-2017-18369 // JVNDB: JVNDB-2017-014438 // VULHUB: VHN-109484 // VULMON: CVE-2017-18369

AFFECTED PRODUCTS

vendor:billionmodel:5200w-tscope:eqversion:1.02b

Trust: 1.0

vendor:billionmodel:5200w-tscope:eqversion:1.02b.rc5.dt49

Trust: 0.8

sources: JVNDB: JVNDB-2017-014438 // NVD: CVE-2017-18369

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-18369
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-18369
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201905-073
value: CRITICAL

Trust: 0.6

VULHUB: VHN-109484
value: HIGH

Trust: 0.1

VULMON: CVE-2017-18369
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-18369
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-109484
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-18369
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-109484 // VULMON: CVE-2017-18369 // JVNDB: JVNDB-2017-014438 // CNNVD: CNNVD-201905-073 // NVD: CVE-2017-18369

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.1

problemtype:CWE-77

Trust: 0.9

sources: VULHUB: VHN-109484 // JVNDB: JVNDB-2017-014438 // NVD: CVE-2017-18369

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-073

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-073

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014438

PATCH
title:Top Pageurl:http://www.billion.com.tw/index.aspx
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-014438

EXTERNAL IDS
db:NVDid:CVE-2017-18369
Trust: 2.6
db:JVNDBid:JVNDB-2017-014438
Trust: 0.8
db:CNNVDid:CNNVD-201905-073
Trust: 0.7
db:VULHUBid:VHN-109484
Trust: 0.1
db:VULMONid:CVE-2017-18369
Trust: 0.1
sources:
            
            
            VULHUB: VHN-109484 // 
            
            
            
            VULMON: CVE-2017-18369 // 
            
            
            
            JVNDB: JVNDB-2017-014438 // 
            
            
            
            CNNVD: CNNVD-201905-073 // 
            
            
            
            NVD: CVE-2017-18369

REFERENCES
url:https://seclists.org/fulldisclosure/2017/jan/40
Trust: 2.6
url:https://raw.githubusercontent.com/pedrib/poc/master/advisories/zyxel_trueonline.txt
Trust: 1.8
url:https://ssd-disclosure.com/index.php/archives/2910
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-18369
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18369
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/78.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.rapid7.com/db/modules/exploit/linux/http/trueonline_billion_5200w_rce
Trust: 0.1
sources:
            
            
            VULHUB: VHN-109484 // 
            
            
            
            VULMON: CVE-2017-18369 // 
            
            
            
            JVNDB: JVNDB-2017-014438 // 
            
            
            
            CNNVD: CNNVD-201905-073 // 
            
            
            
            NVD: CVE-2017-18369

SOURCES
db:VULHUBid:VHN-109484
db:VULMONid:CVE-2017-18369
db:JVNDBid:JVNDB-2017-014438
db:CNNVDid:CNNVD-201905-073
db:NVDid:CVE-2017-18369

LAST UPDATE DATE
2024-11-23T22:06:11.709000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-109484date:2019-10-03T00:00:00
db:VULMONid:CVE-2017-18369date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2017-014438date:2019-05-24T00:00:00
db:CNNVDid:CNNVD-201905-073date:2020-05-22T00:00:00
db:NVDid:CVE-2017-18369date:2024-11-21T03:19:57.060

SOURCES RELEASE DATE
db:VULHUBid:VHN-109484date:2019-05-02T00:00:00
db:VULMONid:CVE-2017-18369date:2019-05-02T00:00:00
db:JVNDBid:JVNDB-2017-014438date:2019-05-24T00:00:00
db:CNNVDid:CNNVD-201905-073date:2019-05-02T00:00:00
db:NVDid:CVE-2017-18369date:2019-05-02T17:29:00.647