Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
5 vulnerabilities by barni
VAR-201905-0469
Vulnerability from variot - Updated: 2023-12-18 13:02MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component. MASTER IPCAMERA01 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Master IP CAM 01 is a network camera. A command injection vulnerability exists in Master IP CAM 01 version 3.3.4.2103. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data. Attackers can exploit this vulnerability to execute illegal commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0469",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.0,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "NVD",
"id": "CVE-2019-8387"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-8387"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Raffaele Sabato",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
],
"trust": 0.6
},
"cve": "CVE-2019-8387",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-8387",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-159822",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-8387",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-8387",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-725",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-159822",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-8387",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-159822"
},
{
"db": "VULMON",
"id": "CVE-2019-8387"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component. MASTER IPCAMERA01 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Master IP CAM 01 is a network camera. A command injection vulnerability exists in Master IP CAM 01 version 3.3.4.2103. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data. Attackers can exploit this vulnerability to execute illegal commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "VULHUB",
"id": "VHN-159822"
},
{
"db": "VULMON",
"id": "CVE-2019-8387"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "151725",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2019-8387",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "46400",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201902-725",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-159822",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-8387",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-159822"
},
{
"db": "VULMON",
"id": "CVE-2019-8387"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
]
},
"id": "VAR-201905-0469",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-159822"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:02:14.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-159822"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "NVD",
"id": "CVE-2019-8387"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://packetstormsecurity.com/files/151725/master-ip-cam-01-3.3.4.2103-remote-command-execution.html"
},
{
"trust": 1.8,
"url": "https://syrion.me/blog/"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46400/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8387"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8387"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-159822"
},
{
"db": "VULMON",
"id": "CVE-2019-8387"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-159822"
},
{
"db": "VULMON",
"id": "CVE-2019-8387"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-159822"
},
{
"date": "2019-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2019-8387"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"date": "2019-05-08T14:29:00.547000",
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"date": "2019-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-159822"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-8387"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004440"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-8387"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Command injection vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004440"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-725"
}
],
"trust": 0.6
}
}
VAR-201801-1647
Vulnerability from variot - Updated: 2023-12-18 12:44MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. MASTER IPCAMERA01 The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTER IPCAMERA01 is an IP network camera product. A security vulnerability exists in MASTER IPCAMERA01 version 3.3.4.2103. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities
Date: 17-01-2018
Remote: Yes
Exploit Authors: Daniele Linguaglossa, Raffaele Sabato
Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89
Vendor: Master IP CAM
Version: 3.3.4.2103
CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
I DESCRIPTION
The Master IP CAM 01 suffers of multiple vulnerabilities:
[CVE-2018-5723] Hardcoded Password for Root Account
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
[CVE-2018-5725] Unauthenticated Configuration Change
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
II PROOF OF CONCEPT
[CVE-2018-5723] Hardcoded Password for Root Account
Is possible to access telnet with the hardcoded credential root:cat1029
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
Download:
http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi
Upload Form:
Unauthenticated Configuration Upload
[CVE-2018-5725] Unauthenticated Configuration Change
Change configuration:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080
List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
Retrieve sensitive information:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser
III REFERENCES
http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1647",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.6,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5724"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniele Linguaglossa, Raffaele Sabato",
"sources": [
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5724",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-5724",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-135756",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5724",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5724",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-571",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-135756",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-5724",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. MASTER IPCAMERA01 The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTER IPCAMERA01 is an IP network camera product. A security vulnerability exists in MASTER IPCAMERA01 version 3.3.4.2103. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities\n# Date: 17-01-2018\n# Remote: Yes\n# Exploit Authors: Daniele Linguaglossa, Raffaele Sabato\n# Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89\n# Vendor: Master IP CAM\n# Version: 3.3.4.2103\n# CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726\n \nI DESCRIPTION\n========================================================================\nThe Master IP CAM 01 suffers of multiple vulnerabilities:\n \n# [CVE-2018-5723] Hardcoded Password for Root Account\n# [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n# [CVE-2018-5725] Unauthenticated Configuration Change\n# [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \n \nII PROOF OF CONCEPT\n========================================================================\n \n## [CVE-2018-5723] Hardcoded Password for Root Account\n \nIs possible to access telnet with the hardcoded credential root:cat1029\n \n \n## [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n \nDownload:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/backup.cgi\n \nUpload Form:\n \n### Unauthenticated Configuration Upload\n\u003cform name=\"form6\" method=\"post\" enctype=\"multipart/form-data\"\naction=\"cgi-bin/hi3510/restore.cgi\" \u003e\n\u003cinput type=\"file\" name=\"setting_file\" \u003e\n\u003cinput type=\"submit\" value=\"restore\" \u003e\n\u003c/form\u003e\n \n \n## [CVE-2018-5725] Unauthenticated Configuration Change\n \nChange configuration:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080\n \nList of available commands here:\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n \n \n## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \nRetrieve sensitive information:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser\n \n \nIII REFERENCES\n========================================================================\nhttp://syrion.me/blog/master-ipcam/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 1.89
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135756",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43693",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "VULMON",
"id": "CVE-2018-5724"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5724",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "145935",
"trust": 1.2
},
{
"db": "EXPLOIT-DB",
"id": "43693",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-571",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-135756",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5724",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"id": "VAR-201801-1647",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-135756"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:44:12.593000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
},
{
"title": "Python-CVE-Code",
"trust": 0.1,
"url": "https://github.com/gusrmsdlrh/cve-2018-5724 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "NVD",
"id": "CVE-2018-5724"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://syrion.me/blog/master-ipcam/"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/43693/"
},
{
"trust": 1.1,
"url": "https://packetstormsecurity.com/files/145935/master-ip-cam-01-hardcoded-password-unauthenticated-access.html"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5724"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5724"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5726"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5726"
},
{
"trust": 0.1,
"url": "https://twitter.com/syrion89"
},
{
"trust": 0.1,
"url": "http://www.themadhermit.net/wp-content/uploads/2013/03/fi9821w-cgi-commands.pdf"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5725"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://twitter.com/dzonerzy,"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-135756"
},
{
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-135756"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"date": "2018-01-17T03:33:33",
"db": "PACKETSTORM",
"id": "145935"
},
{
"date": "2018-01-16T22:29:00.347000",
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-135756"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5724"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001497"
},
{
"date": "2018-02-05T20:10:33.937000",
"db": "NVD",
"id": "CVE-2018-5724"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Device unrestricted upload vulnerability type file vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001497"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-571"
}
],
"trust": 0.6
}
}
VAR-201801-1646
Vulnerability from variot - Updated: 2023-12-18 12:44MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. MASTER IPCAMERA01 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An attacker could exploit this vulnerability to gain root privileges. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities
Date: 17-01-2018
Remote: Yes
Exploit Authors: Daniele Linguaglossa, Raffaele Sabato
Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89
Vendor: Master IP CAM
Version: 3.3.4.2103
CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
I DESCRIPTION
The Master IP CAM 01 suffers of multiple vulnerabilities:
[CVE-2018-5723] Hardcoded Password for Root Account
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
[CVE-2018-5725] Unauthenticated Configuration Change
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
II PROOF OF CONCEPT
[CVE-2018-5723] Hardcoded Password for Root Account
Is possible to access telnet with the hardcoded credential root:cat1029
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
Download:
http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi
Upload Form:
Unauthenticated Configuration Upload
[CVE-2018-5725] Unauthenticated Configuration Change
Change configuration:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080
List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
Retrieve sensitive information:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser
III REFERENCES
http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1646",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.6,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
},
{
"model": "ipcamera01",
"scope": "eq",
"trust": 0.6,
"vendor": "master",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5723"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniele Linguaglossa, Raffaele Sabato",
"sources": [
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5723",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-5723",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-02191",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-135755",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5723",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5723",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-02191",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-572",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-135755",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-5723",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. MASTER IPCAMERA01 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An attacker could exploit this vulnerability to gain root privileges. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities\n# Date: 17-01-2018\n# Remote: Yes\n# Exploit Authors: Daniele Linguaglossa, Raffaele Sabato\n# Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89\n# Vendor: Master IP CAM\n# Version: 3.3.4.2103\n# CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726\n \nI DESCRIPTION\n========================================================================\nThe Master IP CAM 01 suffers of multiple vulnerabilities:\n \n# [CVE-2018-5723] Hardcoded Password for Root Account\n# [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n# [CVE-2018-5725] Unauthenticated Configuration Change\n# [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \n \nII PROOF OF CONCEPT\n========================================================================\n \n## [CVE-2018-5723] Hardcoded Password for Root Account\n \nIs possible to access telnet with the hardcoded credential root:cat1029\n \n \n## [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n \nDownload:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/backup.cgi\n \nUpload Form:\n \n### Unauthenticated Configuration Upload\n\u003cform name=\"form6\" method=\"post\" enctype=\"multipart/form-data\"\naction=\"cgi-bin/hi3510/restore.cgi\" \u003e\n\u003cinput type=\"file\" name=\"setting_file\" \u003e\n\u003cinput type=\"submit\" value=\"restore\" \u003e\n\u003c/form\u003e\n \n \n## [CVE-2018-5725] Unauthenticated Configuration Change\n \nChange configuration:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080\n \nList of available commands here:\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n \n \n## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \nRetrieve sensitive information:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser\n \n \nIII REFERENCES\n========================================================================\nhttp://syrion.me/blog/master-ipcam/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135755",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43693",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "VULMON",
"id": "CVE-2018-5723"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5723",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "145935",
"trust": 1.3
},
{
"db": "EXPLOIT-DB",
"id": "43693",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-572",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-02191",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-135755",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5723",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"id": "VAR-201801-1646",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "VULHUB",
"id": "VHN-135755"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
}
]
},
"last_update_date": "2023-12-18T12:44:12.558000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "NVD",
"id": "CVE-2018-5723"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://syrion.me/blog/master-ipcam/"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/43693/"
},
{
"trust": 1.2,
"url": "https://packetstormsecurity.com/files/145935/master-ip-cam-01-hardcoded-password-unauthenticated-access.html"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5723"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5726"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5726"
},
{
"trust": 0.1,
"url": "https://twitter.com/syrion89"
},
{
"trust": 0.1,
"url": "http://www.themadhermit.net/wp-content/uploads/2013/03/fi9821w-cgi-commands.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5724"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5724"
},
{
"trust": 0.1,
"url": "https://twitter.com/dzonerzy,"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"db": "VULHUB",
"id": "VHN-135755"
},
{
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-135755"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"date": "2018-01-17T03:33:33",
"db": "PACKETSTORM",
"id": "145935"
},
{
"date": "2018-01-16T22:29:00.287000",
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02191"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-135755"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5723"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001496"
},
{
"date": "2018-02-05T20:07:25.757000",
"db": "NVD",
"id": "CVE-2018-5723"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001496"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-572"
}
],
"trust": 0.6
}
}
VAR-201801-1648
Vulnerability from variot - Updated: 2023-12-18 12:44MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server. MASTER IPCAMERA01 The device contains an access control vulnerability.Information may be tampered with. MASTERIPCAMERA01 is an IP network camera product. A configuration error vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. An attacker could exploit this vulnerability to change the configuration. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities
Date: 17-01-2018
Remote: Yes
Exploit Authors: Daniele Linguaglossa, Raffaele Sabato
Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89
Vendor: Master IP CAM
Version: 3.3.4.2103
CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
I DESCRIPTION
The Master IP CAM 01 suffers of multiple vulnerabilities:
[CVE-2018-5723] Hardcoded Password for Root Account
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
[CVE-2018-5725] Unauthenticated Configuration Change
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
II PROOF OF CONCEPT
[CVE-2018-5723] Hardcoded Password for Root Account
Is possible to access telnet with the hardcoded credential root:cat1029
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
Download:
http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi
Upload Form:
Unauthenticated Configuration Upload
[CVE-2018-5725] Unauthenticated Configuration Change
Change configuration:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080
List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
Retrieve sensitive information:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser
III REFERENCES
http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1648",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.6,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
},
{
"model": "ipcamera01",
"scope": "eq",
"trust": 0.6,
"vendor": "master",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5725"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniele Linguaglossa, Raffaele Sabato",
"sources": [
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5725",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-5725",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-02193",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-135757",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-5725",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5725",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-02193",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-570",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-135757",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-5725",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server. MASTER IPCAMERA01 The device contains an access control vulnerability.Information may be tampered with. MASTERIPCAMERA01 is an IP network camera product. A configuration error vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. An attacker could exploit this vulnerability to change the configuration. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities\n# Date: 17-01-2018\n# Remote: Yes\n# Exploit Authors: Daniele Linguaglossa, Raffaele Sabato\n# Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89\n# Vendor: Master IP CAM\n# Version: 3.3.4.2103\n# CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726\n \nI DESCRIPTION\n========================================================================\nThe Master IP CAM 01 suffers of multiple vulnerabilities:\n \n# [CVE-2018-5723] Hardcoded Password for Root Account\n# [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n# [CVE-2018-5725] Unauthenticated Configuration Change\n# [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \n \nII PROOF OF CONCEPT\n========================================================================\n \n## [CVE-2018-5723] Hardcoded Password for Root Account\n \nIs possible to access telnet with the hardcoded credential root:cat1029\n \n \n## [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n \nDownload:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/backup.cgi\n \nUpload Form:\n \n### Unauthenticated Configuration Upload\n\u003cform name=\"form6\" method=\"post\" enctype=\"multipart/form-data\"\naction=\"cgi-bin/hi3510/restore.cgi\" \u003e\n\u003cinput type=\"file\" name=\"setting_file\" \u003e\n\u003cinput type=\"submit\" value=\"restore\" \u003e\n\u003c/form\u003e\n \n \n## [CVE-2018-5725] Unauthenticated Configuration Change\n \nChange configuration:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080\n \nList of available commands here:\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n \n \n## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \nRetrieve sensitive information:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser\n \n \nIII REFERENCES\n========================================================================\nhttp://syrion.me/blog/master-ipcam/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135757",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43693",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5725",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "145935",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "43693",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-02193",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-135757",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5725",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"id": "VAR-201801-1648",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
}
]
},
"last_update_date": "2023-12-18T12:44:12.523000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://syrion.me/blog/master-ipcam/"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/43693/"
},
{
"trust": 1.8,
"url": "https://packetstormsecurity.com/files/145935/master-ip-cam-01-hardcoded-password-unauthenticated-access.html"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5725"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5726"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5726"
},
{
"trust": 0.1,
"url": "https://twitter.com/syrion89"
},
{
"trust": 0.1,
"url": "http://www.themadhermit.net/wp-content/uploads/2013/03/fi9821w-cgi-commands.pdf"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5724"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://twitter.com/dzonerzy,"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"db": "VULHUB",
"id": "VHN-135757"
},
{
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-135757"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"date": "2018-01-17T03:33:33",
"db": "PACKETSTORM",
"id": "145935"
},
{
"date": "2018-01-16T22:29:00.397000",
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02193"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-135757"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5725"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001498"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-5725"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Device access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001498"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-570"
}
],
"trust": 0.6
}
}
VAR-201801-1649
Vulnerability from variot - Updated: 2023-12-18 12:44MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. MASTER IPCAMERA01 The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An information disclosure vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities
Date: 17-01-2018
Remote: Yes
Exploit Authors: Daniele Linguaglossa, Raffaele Sabato
Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89
Vendor: Master IP CAM
Version: 3.3.4.2103
CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
I DESCRIPTION
The Master IP CAM 01 suffers of multiple vulnerabilities:
[CVE-2018-5723] Hardcoded Password for Root Account
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
[CVE-2018-5725] Unauthenticated Configuration Change
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
II PROOF OF CONCEPT
[CVE-2018-5723] Hardcoded Password for Root Account
Is possible to access telnet with the hardcoded credential root:cat1029
[CVE-2018-5724] Unauthenticated Configuration Download and Upload
Download:
http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi
Upload Form:
Unauthenticated Configuration Upload
[CVE-2018-5725] Unauthenticated Configuration Change
Change configuration:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080
List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
[CVE-2018-5726] Unauthenticated Sensitive Information Disclousure
Retrieve sensitive information:
http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser
III REFERENCES
http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1649",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "master ip camera01",
"scope": "eq",
"trust": 1.6,
"vendor": "barni",
"version": "3.3.4.2103"
},
{
"model": "master ipcamera01",
"scope": "eq",
"trust": 0.8,
"vendor": "barni carlo",
"version": "3.3.4.2103"
},
{
"model": "ipcamera01",
"scope": "eq",
"trust": 0.6,
"vendor": "master",
"version": "3.3.4.2103"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:barni:master_ip_camera01_firmware:3.3.4.2103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:barni:master_ip_camera01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5726"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniele Linguaglossa, Raffaele Sabato",
"sources": [
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 0.1
},
"cve": "CVE-2018-5726",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-5726",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-02194",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-135758",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-5726",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5726",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-02194",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-569",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-135758",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-5726",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. MASTER IPCAMERA01 The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An information disclosure vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities\n# Date: 17-01-2018\n# Remote: Yes\n# Exploit Authors: Daniele Linguaglossa, Raffaele Sabato\n# Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89\n# Vendor: Master IP CAM\n# Version: 3.3.4.2103\n# CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726\n \nI DESCRIPTION\n========================================================================\nThe Master IP CAM 01 suffers of multiple vulnerabilities:\n \n# [CVE-2018-5723] Hardcoded Password for Root Account\n# [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n# [CVE-2018-5725] Unauthenticated Configuration Change\n# [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \n \nII PROOF OF CONCEPT\n========================================================================\n \n## [CVE-2018-5723] Hardcoded Password for Root Account\n \nIs possible to access telnet with the hardcoded credential root:cat1029\n \n \n## [CVE-2018-5724] Unauthenticated Configuration Download and Upload\n \nDownload:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/backup.cgi\n \nUpload Form:\n \n### Unauthenticated Configuration Upload\n\u003cform name=\"form6\" method=\"post\" enctype=\"multipart/form-data\"\naction=\"cgi-bin/hi3510/restore.cgi\" \u003e\n\u003cinput type=\"file\" name=\"setting_file\" \u003e\n\u003cinput type=\"submit\" value=\"restore\" \u003e\n\u003c/form\u003e\n \n \n## [CVE-2018-5725] Unauthenticated Configuration Change\n \nChange configuration:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080\n \nList of available commands here:\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n \n \n## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure\n \nRetrieve sensitive information:\n \nhttp://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser\n \n \nIII REFERENCES\n========================================================================\nhttp://syrion.me/blog/master-ipcam/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726\nhttp://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "PACKETSTORM",
"id": "145935"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-135758",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43693",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5726",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "145935",
"trust": 1.3
},
{
"db": "EXPLOIT-DB",
"id": "43693",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-02194",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-135758",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5726",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"id": "VAR-201801-1649",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
}
]
},
"last_update_date": "2023-12-18T12:44:12.480000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.barni.it/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://syrion.me/blog/master-ipcam/"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/43693/"
},
{
"trust": 1.2,
"url": "https://packetstormsecurity.com/files/145935/master-ip-cam-01-hardcoded-password-unauthenticated-access.html"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5726"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5726"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser"
},
{
"trust": 0.1,
"url": "https://twitter.com/syrion89"
},
{
"trust": 0.1,
"url": "http://www.themadhermit.net/wp-content/uploads/2013/03/fi9821w-cgi-commands.pdf"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5724"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport\u0026-httport=8080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5723"
},
{
"trust": 0.1,
"url": "https://twitter.com/dzonerzy,"
},
{
"trust": 0.1,
"url": "http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"db": "VULHUB",
"id": "VHN-135758"
},
{
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"db": "PACKETSTORM",
"id": "145935"
},
{
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-135758"
},
{
"date": "2018-01-16T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"date": "2018-01-17T03:33:33",
"db": "PACKETSTORM",
"id": "145935"
},
{
"date": "2018-01-16T22:29:00.443000",
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-02194"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-135758"
},
{
"date": "2018-02-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5726"
},
{
"date": "2018-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001499"
},
{
"date": "2018-02-05T20:07:10.163000",
"db": "NVD",
"id": "CVE-2018-5726"
},
{
"date": "2018-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MASTER IPCAMERA01 Information disclosure vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001499"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-569"
}
],
"trust": 0.6
}
}