Vulnerabilites related to skyworthdigital - dt740
var-201903-1284
Vulnerability from variot
An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7. Skyworth DT741 , DT721-cb , DT741-cb The device contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. There is an input validation error vulnerability in Skyworth GPON HomeGateways and Optical Network terminals. The vulnerability originates from incorrect verification of data boundaries when network systems or products perform operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: DT741 Converged Intelligent Terminal (G/EPON+IPTV); DT741 Converged Intelligent Terminal (G/EPON+IPTV); DT721-cb GPON uplink home gateway (GPON+2FE+1POTS); DT721-cb GPON Uplink Home Gateway (GPON+2FE+1POTS); DT741-cb GPON uplink home gateway (GPON+4FE+1POTS+WIFI+USB); DT741-cb GPON Uplink Home Gateway (GPON+4FE+1POTS+WIFI+USB); DT741 -cbGPON uplink home gateway DT741-cb
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1284",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dt741-cb",
"scope": "eq",
"trust": 1.0,
"vendor": "skyworthdigital",
"version": "sdotbgn1"
},
{
"model": "dt740",
"scope": "eq",
"trust": 1.0,
"vendor": "skyworthdigital",
"version": "sdotbgn1"
},
{
"model": "dt721-cb",
"scope": "eq",
"trust": 1.0,
"vendor": "skyworthdigital",
"version": "sdotbgn1"
},
{
"model": "dt721-cb",
"scope": null,
"trust": 0.8,
"vendor": "skyworth digital holdings",
"version": null
},
{
"model": "dt741",
"scope": null,
"trust": 0.8,
"vendor": "skyworth digital holdings",
"version": null
},
{
"model": "dt741-cb",
"scope": null,
"trust": 0.8,
"vendor": "skyworth digital holdings",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:skyworthdigital:dt721-cb_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:skyworthdigital:dt741_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:skyworthdigital:dt741-cb_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
}
]
},
"cve": "CVE-2018-19524",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-19524",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-130192",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-19524",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-19524",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-19524",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-576",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-130192",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19524",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-576"
},
{
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7. Skyworth DT741 , DT721-cb , DT741-cb The device contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. There is an input validation error vulnerability in Skyworth GPON HomeGateways and Optical Network terminals. The vulnerability originates from incorrect verification of data boundaries when network systems or products perform operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. The following products and versions are affected: DT741 Converged Intelligent Terminal (G/EPON+IPTV); DT741 Converged Intelligent Terminal (G/EPON+IPTV); DT721-cb GPON uplink home gateway (GPON+2FE+1POTS); DT721-cb GPON Uplink Home Gateway (GPON+2FE+1POTS); DT741-cb GPON uplink home gateway (GPON+4FE+1POTS+WIFI+USB); DT741-cb GPON Uplink Home Gateway (GPON+4FE+1POTS+WIFI+USB); DT741 -cbGPON uplink home gateway DT741-cb",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "VULMON",
"id": "CVE-2018-19524"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-130192",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=46358",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "VULMON",
"id": "CVE-2018-19524"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "151608",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2018-19524",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "46358",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201902-576",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-130192",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-576"
},
{
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"id": "VAR-201903-1284",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-130192"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:58:45.935000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.skyworthdigital.com/"
},
{
"title": "s3curityb3ast.github.io",
"trust": 0.1,
"url": "https://github.com/s3curityb3ast/s3curityb3ast.github.io "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://packetstormsecurity.com/files/151608/skyworth-gpon-homegateways-optical-network-stack-overflow.html"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/feb/21"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46358/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/feb/30"
},
{
"trust": 1.8,
"url": "https://s3curityb3ast.github.io/ksa-dev-001.md"
},
{
"trust": 1.8,
"url": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19524"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19524"
},
{
"trust": 0.6,
"url": "http://breakthesec.com"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/cve/cve-2018-19524"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/46358"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/s3curityb3ast/s3curityb3ast.github.io"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-576"
},
{
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-130192"
},
{
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-576"
},
{
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-130192"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"date": "2019-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"date": "2019-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-576"
},
{
"date": "2019-03-21T16:00:31.703000",
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-130192"
},
{
"date": "2019-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19524"
},
{
"date": "2019-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015161"
},
{
"date": "2020-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-576"
},
{
"date": "2024-11-21T03:58:05.857000",
"db": "NVD",
"id": "CVE-2018-19524"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-576"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Skyworth Vulnerability related to input validation in device products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015161"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-576"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2019-03-21 16:00
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| skyworthdigital | dt740_firmware | sdotbgn1 | |
| skyworthdigital | dt740 | - | |
| skyworthdigital | dt721-cb_firmware | sdotbgn1 | |
| skyworthdigital | dt721-cb | - | |
| skyworthdigital | dt741-cb_firmware | sdotbgn1 | |
| skyworthdigital | dt741-cb | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:skyworthdigital:dt740_firmware:sdotbgn1:*:*:*:*:*:*:*",
"matchCriteriaId": "369F96EF-0D34-406F-BA1F-026D370D7253",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:skyworthdigital:dt740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "631E3A76-3267-44E9-9891-53E11BB22AB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:skyworthdigital:dt721-cb_firmware:sdotbgn1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F404F2E-BD66-4EC5-B497-F12713A5D99A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:skyworthdigital:dt721-cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4AA666-0A58-494F-B7BA-6EB3799876CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:skyworthdigital:dt741-cb_firmware:sdotbgn1:*:*:*:*:*:*:*",
"matchCriteriaId": "27563598-6C48-4AFF-B4F8-C1345FFAB5F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:skyworthdigital:dt741-cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32732015-CAAA-457E-AD0E-0233010D2162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en dispositivos Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1 y DT741-cb SDOTBGN1. Una contrase\u00f1a larga en la funci\u00f3n Web_passwd permite que los atacantes remotos provoquen una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) o logren ejecutar c\u00f3digo de forma remota debido al control de registros S0 hasta S4 y T4 hasta T7."
}
],
"id": "CVE-2018-19524",
"lastModified": "2024-11-21T03:58:05.857",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-21T16:00:31.703",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/30"
},
{
"source": "cve@mitre.org",
"url": "https://s3curityb3ast.github.io/KSA-Dev-001.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Feb/21"
},
{
"source": "cve@mitre.org",
"url": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46358/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://s3curityb3ast.github.io/KSA-Dev-001.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Feb/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/46358/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2018-19524
Vulnerability from cvelistv5
Published
2019-03-17 18:38
Modified
2024-08-05 11:37
Severity ?
EPSS score ?
Summary
An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7.
References
| ▼ | URL | Tags |
|---|---|---|
| https://seclists.org/bugtraq/2019/Feb/21 | mailing-list, x_refsource_BUGTRAQ | |
| https://www.exploit-db.com/exploits/46358/ | exploit, x_refsource_EXPLOIT-DB | |
| https://s3curityb3ast.github.io/KSA-Dev-001.md | x_refsource_MISC | |
| http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Feb/30 | mailing-list, x_refsource_FULLDISC | |
| https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:11.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190210 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Feb/21"
},
{
"name": "46358",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46358/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://s3curityb3ast.github.io/KSA-Dev-001.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html"
},
{
"name": "20190212 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-08T19:54:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20190210 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Feb/21"
},
{
"name": "46358",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46358/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://s3curityb3ast.github.io/KSA-Dev-001.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html"
},
{
"name": "20190212 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Feb/30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19524",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190210 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Feb/21"
},
{
"name": "46358",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46358/"
},
{
"name": "https://s3curityb3ast.github.io/KSA-Dev-001.md",
"refsource": "MISC",
"url": "https://s3curityb3ast.github.io/KSA-Dev-001.md"
},
{
"name": "http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html"
},
{
"name": "20190212 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Feb/30"
},
{
"name": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html",
"refsource": "MISC",
"url": "https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19524",
"datePublished": "2019-03-17T18:38:49",
"dateReserved": "2018-11-25T00:00:00",
"dateUpdated": "2024-08-05T11:37:11.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}