Sign-up

ID

VAR-201905-0655


CVE

CVE-2017-18372


TITLE

Billion 5200W-T Command injection vulnerability in routers

Trust: 0.8

sources: JVNDB: JVNDB-2017-014435

DESCRIPTION

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through the uiViewSNTPServer parameter. Authentication can be achieved by exploiting CVE-2017-18373. Billion Electric 5200W-T is a wireless router produced by British company Billion Electric. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands

Trust: 1.71

sources: NVD: CVE-2017-18372 // JVNDB: JVNDB-2017-014435 // VULHUB: VHN-109488

AFFECTED PRODUCTS

vendor:zyxelmodel:p660hn-t1a v2scope:eqversion:7.3.15.0

Trust: 1.0

vendor:billionmodel:5200w-tscope:eqversion:7.3.8.0

Trust: 1.0

vendor:zyxelmodel:p660hn-t1a v1scope:eqversion:7.3.15.0

Trust: 1.0

vendor:billionmodel:5200w-tscope: - version: -

Trust: 0.8

vendor:zyxelmodel:p660hn-t1a v1scope: - version: -

Trust: 0.8

vendor:zyxelmodel:p660hn-t1a v2scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2017-014435 // NVD: CVE-2017-18372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-18372
value: HIGH

Trust: 1.0

NVD: CVE-2017-18372
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-077
value: HIGH

Trust: 0.6

VULHUB: VHN-109488
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-18372
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-109488
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-18372
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-109488 // JVNDB: JVNDB-2017-014435 // CNNVD: CNNVD-201905-077 // NVD: CVE-2017-18372

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.1

problemtype:CWE-77

Trust: 0.9

sources: VULHUB: VHN-109488 // JVNDB: JVNDB-2017-014435 // NVD: CVE-2017-18372

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-077

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-077

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014435

PATCH
title:Top Pageurl:http://www.billion.com.tw/index.aspx
Trust: 0.8
title:Top Pageurl:https://www.zyxel.com/homepage.shtml
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-014435

EXTERNAL IDS
db:NVDid:CVE-2017-18372
Trust: 2.5
db:JVNDBid:JVNDB-2017-014435
Trust: 0.8
db:CNNVDid:CNNVD-201905-077
Trust: 0.7
db:VULHUBid:VHN-109488
Trust: 0.1
sources:
            
            
            VULHUB: VHN-109488 // 
            
            
            
            JVNDB: JVNDB-2017-014435 // 
            
            
            
            CNNVD: CNNVD-201905-077 // 
            
            
            
            NVD: CVE-2017-18372

REFERENCES
url:https://seclists.org/fulldisclosure/2017/jan/40
Trust: 2.5
url:https://raw.githubusercontent.com/pedrib/poc/master/advisories/zyxel_trueonline.txt
Trust: 1.7
url:https://ssd-disclosure.com/index.php/archives/2910
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2017-18372
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18372
Trust: 0.8
sources:
            
            
            VULHUB: VHN-109488 // 
            
            
            
            JVNDB: JVNDB-2017-014435 // 
            
            
            
            CNNVD: CNNVD-201905-077 // 
            
            
            
            NVD: CVE-2017-18372

SOURCES
db:VULHUBid:VHN-109488
db:JVNDBid:JVNDB-2017-014435
db:CNNVDid:CNNVD-201905-077
db:NVDid:CVE-2017-18372

LAST UPDATE DATE
2024-11-23T22:48:23.489000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-109488date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2017-014435date:2019-05-24T00:00:00
db:CNNVDid:CNNVD-201905-077date:2020-05-22T00:00:00
db:NVDid:CVE-2017-18372date:2024-11-21T03:19:57.527

SOURCES RELEASE DATE
db:VULHUBid:VHN-109488date:2019-05-02T00:00:00
db:JVNDBid:JVNDB-2017-014435date:2019-05-24T00:00:00
db:CNNVDid:CNNVD-201905-077date:2019-05-02T00:00:00
db:NVDid:CVE-2017-18372date:2019-05-02T17:29:01.257